stcqaclient.shopthecart.ca Open in urlscan Pro
3.23.101.25  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response stcqaclient.shopthecart.ca/	33 KB 9 KB	817ms 162ms	Document text/html	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Next.js Resource Hash 1673b1918f86b6ff5f767c8941821c8a81f856e1b6ee755ef8dfcd39b3030ac4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Tue, 04 Jul 2023 06:50:38 GMT ETag "16ocncmo2s8q1r" Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By Next.js
GET H/1.1	200 OK	2aaf0723e720e8b9-s.p.woff2 stcqaclient.shopthecart.ca/_next/static/media/	37 KB 37 KB	85ms 84ms	Font font/woff2	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/media/2aaf0723e720e8b9-s.p.woff2 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34 Request headers Referer https://stcqaclient.shopthecart.ca/ Origin https://stcqaclient.shopthecart.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:38 GMT Last-Modified Tue, 04 Jul 2023 06:48:37 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"9394-1891fa90445" Content-Type font/woff2 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 37780
GET H/1.1	200 OK	webpack.js Show response stcqaclient.shopthecart.ca/_next/static/chunks/	47 KB 9 KB	256ms 91ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/chunks/webpack.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 7ce044f7d528027f8be8fc0fcef4974061b1c3b16d2b18e7ed50ede90d0a0d0f Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Encoding gzip Last-Modified Tue, 04 Jul 2023 06:48:42 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"bb3f-1891fa91799" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	main.js Show response stcqaclient.shopthecart.ca/_next/static/chunks/	4 MB 1 MB	338ms 173ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/chunks/main.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash dea10d3dcea4ad020302f684958b2b3f7c48638d8a340ccd7de96cdf2d78cd13 Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Encoding gzip Last-Modified Tue, 04 Jul 2023 06:48:33 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"46eb5b-1891fa8f465" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	_app.js Show response stcqaclient.shopthecart.ca/_next/static/chunks/pages/	281 KB 73 KB	347ms 181ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/chunks/pages/_app.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash a106a364bd251e52d724c7f9ab541f8cd36b39d5a68cf9c3763b8bda083d1c7f Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Encoding gzip Last-Modified Tue, 04 Jul 2023 06:48:32 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"4655d-1891fa8ef91" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	index.js Show response stcqaclient.shopthecart.ca/_next/static/chunks/pages/	3 MB 672 KB	290ms 124ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/chunks/pages/index.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash c40dc3a566255e94fd1d883f69ac515671feb005479f65c34ff8443a3e66edfc Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Encoding gzip Last-Modified Tue, 04 Jul 2023 06:48:37 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"2e782e-1891fa90445" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	_buildManifest.js Show response stcqaclient.shopthecart.ca/_next/static/development/	296 B 641 B	100ms 100ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/development/_buildManifest.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 7207c980ba19a0bc28ccd5152d614370bfc0cedd6e42294e7bb883a0053bf227 Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Last-Modified Tue, 04 Jul 2023 06:48:42 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"128-1891fa91799" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 296
GET H/1.1	200 OK	_ssgManifest.js Show response stcqaclient.shopthecart.ca/_next/static/development/	76 B 419 B	88ms 88ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/development/_ssgManifest.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479 Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Last-Modified Tue, 04 Jul 2023 06:48:42 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"4c-1891fa91799" Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 76
GET H/1.1	200 OK	react-refresh.js Show response stcqaclient.shopthecart.ca/_next/static/chunks/	76 KB 25 KB	334ms 171ms	Script application/javascript	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/chunks/react-refresh.js?ts=1688453438792 Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 90fa6dcdd4bfceff8e8e515a57db92f6e161718083727123206269b835d5b2ca Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Encoding gzip Last-Modified Tue, 04 Jul 2023 06:48:32 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"1313c-1891fa8ef8d" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes
GET H/1.1	200 OK	_devMiddlewareManifest.json Show response stcqaclient.shopthecart.ca/_next/static/development/	2 B 221 B	58ms 58ms	Fetch application/json	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/development/_devMiddlewareManifest.json Requested by Host: URL: webpack-internal:///./node_modules/next/dist/client/page-loader.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Server nginx/1.18.0 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	image stcqaclient.shopthecart.ca/_next/	157 KB 158 KB	64ms 64ms	Image image/webp	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stcqaclient.shopthecart.ca/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fmain_banner.debf9296.webp&w=1920&q=75 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 8452c65df6daa84b0560f84be881cb66ca1ed04cac4aaf65de202ef23d209498 Security Headers Name Value Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox; Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox; Server nginx/1.18.0 (Ubuntu) ETag hFLGXfbaqEsFYPhL6IHLZsoe0EysSq9l3iAu8j0glJg= Vary Accept Content-Type image/webp X-Nextjs-Cache STALE Cache-Control public, max-age=315360000, immutable Content-Disposition inline; filename="main_banner.webp" Connection keep-alive Content-Length 160966
GET H/1.1	200 OK	shopthecart_logo.e6ee00f5.svg stcqaclient.shopthecart.ca/_next/static/media/	3 KB 2 KB	485ms 484ms	Image image/svg+xml	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://stcqaclient.shopthecart.ca/_next/static/media/shopthecart_logo.e6ee00f5.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash ea6c8aa1ba5ecbec1b0e4fae8fefb6995ad4dac6d8b6a3475bdb050d5c91b41c Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:39 GMT Content-Encoding gzip Last-Modified Tue, 04 Jul 2023 06:48:37 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"d38-1891fa90445" Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/svg+xml Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes
OPTIONS H2	204	gst qastcapi.nexti.in/v1/api/tk/ Frame	0 0	212ms 58ms	Preflight	18.191.222.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qastcapi.nexti.in/v1/api/tk/gst Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.191.222.41 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-191-222-41.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://stcqaclient.shopthecart.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * date Tue, 04 Jul 2023 06:50:40 GMT server Kestrel strict-transport-security max-age=2592000
OPTIONS H2	204	gst qastcapi.nexti.in/v1/api/tk/ Frame	0 0	206ms 58ms	Preflight	18.191.222.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qastcapi.nexti.in/v1/api/tk/gst Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.191.222.41 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-191-222-41.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://stcqaclient.shopthecart.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * date Tue, 04 Jul 2023 06:50:40 GMT server Kestrel strict-transport-security max-age=2592000
GET H2	200	square.js Show response sandbox.web.squarecdn.com/v1/	344 KB 100 KB	220ms 41ms	Script application/javascript	2600:9000:23ca:4e00:1:f8a6:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sandbox.web.squarecdn.com/v1/square.js Requested by Host: URL: webpack-internal:///./node_modules/react-square-web-payments-sdk/dist/node_modules/@square/web-sdk/dist/load.es.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23ca:4e00:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e40aa34cd553dc07205bb6982f4b3e790ca9c426a32eae4a4ba444242022f4b7 Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id 5vH3JuhIQbiiXVFrfw0n9iWNbylDHr3y content-encoding gzip via 1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront) date Mon, 03 Jul 2023 17:10:56 GMT x-amz-cf-pop JFK50-P2 age 81747 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED x-amz-meta-websdk-version 1.50.1 last-modified Fri, 30 Jun 2023 17:09:44 GMT server AmazonS3 etag W/"74bbacf70e290f61588d646d77d7bcd0" access-control-max-age 300 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * x-amz-meta-md5checksum dLus9w4pD2FYjWRtd9e80A== cache-control public, max-age=300 vary Accept-Encoding x-amz-cf-id ZctKG0NM6HDa1lAtYqyKEgp3btmPuLLLuYUwk9hT3vk0_XKoDOYEKA==
POST H2	200	gst Show response qastcapi.nexti.in/v1/api/tk/	559 B 615 B	53ms 52ms	Fetch application/json	18.191.222.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qastcapi.nexti.in/v1/api/tk/gst Requested by Host: URL: webpack-internal:///./src/components/footer/index.jsx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.191.222.41 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-191-222-41.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash b78a3abcdd85e778d3c4c8cd915777377d052dc57a0bd4c4086a5c3e7a0adc8f Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://stcqaclient.shopthecart.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * strict-transport-security max-age=2592000 date Tue, 04 Jul 2023 06:50:40 GMT server Kestrel content-type application/json; charset=utf-8
POST H2	200	gst Show response qastcapi.nexti.in/v1/api/tk/	559 B 592 B	53ms 53ms	Fetch application/json	18.191.222.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://qastcapi.nexti.in/v1/api/tk/gst Requested by Host: URL: webpack-internal:///./src/components/footer/index.jsx Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.191.222.41 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-191-222-41.us-east-2.compute.amazonaws.com Software Kestrel / Resource Hash b78a3abcdd85e778d3c4c8cd915777377d052dc57a0bd4c4086a5c3e7a0adc8f Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://stcqaclient.shopthecart.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin * strict-transport-security max-age=2592000 date Tue, 04 Jul 2023 06:50:40 GMT server Kestrel content-type application/json; charset=utf-8
GET H2	200	main-iframe.html Show response sandbox.web.squarecdn.com/1.50.1/ Frame 61A4	329 KB 92 KB	33ms 33ms	Document text/html	2600:9000:23ca:4e00:1:f8a6:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sandbox.web.squarecdn.com/1.50.1/main-iframe.html?applicationId=sandbox-sq0idb-TCfDHGnt3pJlc_9zvLXefA&hostname=stcqaclient.shopthecart.ca Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/v1/square.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23ca:4e00:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 150be23eda51537000ba7df823b8ea823e0b6c7583c8d6e5fe424fc529ab30d8 Request headers Referer https://stcqaclient.shopthecart.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-methods GET, HEAD access-control-allow-origin * access-control-max-age 300 age 73726 cache-control public, max-age=300 content-encoding gzip content-type text/html date Mon, 03 Jul 2023 10:21:54 GMT etag W/"66e2274d238d970c643eabc63225b3e1" last-modified Tue, 27 Jun 2023 23:19:19 GMT server AmazonS3 vary Accept-Encoding via 1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront) x-amz-cf-id A5xSDkm3m63LYu-7yYAFlQ6cR3xQ08V1_RswmSDm4Sbo2IKwFZYMIg== x-amz-cf-pop JFK50-P2 x-amz-meta-md5checksum ZuInTSONlwxkPqvGMiWz4Q== x-amz-meta-websdk-version 1.50.1 x-amz-replication-status COMPLETED x-amz-server-side-encryption AES256 x-amz-version-id UALCgaG2HpjQxOkXBAWQvjvZdQY8Sb2F x-cache Hit from cloudfront
OPTIONS H2	200	hydrate pci-connect.squareupsandbox.com/payments/ Frame	0 0	333ms 208ms	Preflight	172.66.0.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pci-connect.squareupsandbox.com/payments/hydrate?applicationId=sandbox-sq0idb-TCfDHGnt3pJlc_9zvLXefA&hostname=stcqaclient.shopthecart.ca&locationId=SA9GWXSDDG3Z5Q&version=1.50.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://sandbox.web.squarecdn.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies access-control-allow-methods OPTIONS, GET access-control-allow-origin https://sandbox.web.squarecdn.com cf-cache-status DYNAMIC cf-ray 7e156f7498dba23a-YYZ content-length 0 date Tue, 04 Jul 2023 06:50:40 GMT server cloudflare strict-transport-security max-age=631152000; includeSubDomains; preload vary Origin, Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-sq-dc sjc2b x-sq-region sjc2b x-xss-protection 1; mode=block
GET H2	200	hydrate Show response pci-connect.squareupsandbox.com/payments/ Frame 61A4	1 KB 1 KB	274ms 223ms	Fetch application/json	172.66.0.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pci-connect.squareupsandbox.com/payments/hydrate?applicationId=sandbox-sq0idb-TCfDHGnt3pJlc_9zvLXefA&hostname=stcqaclient.shopthecart.ca&locationId=SA9GWXSDDG3Z5Q&version=1.50.1 Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/1.50.1/main-iframe.html?applicationId=sandbox-sq0idb-TCfDHGnt3pJlc_9zvLXefA&hostname=stcqaclient.shopthecart.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25d017480ae2395572722ff8bc1f0e6b59a0befb31dbbc37452d2bc6f32d8202 Security Headers Name Value Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept application/json Referer https://sandbox.web.squarecdn.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 content-type application/json; charset=utf-8 Response headers date Tue, 04 Jul 2023 06:50:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC x-sq-dc sjc2b square-version 2019-12-17 strict-transport-security max-age=631152000; includeSubDomains; preload x-permitted-cross-domain-policies none x-speleo-traceid CDN-ea3d1e6a-b5b7-40fa-8aa1-11dae2950dc0 x-sq-region sjc2b content-length 596 x-xss-protection 1; mode=block server cloudflare x-download-options noopen vary Origin, Accept-Encoding access-control-allow-methods OPTIONS, GET content-type application/json access-control-allow-origin https://sandbox.web.squarecdn.com x-frame-options SAMEORIGIN access-control-allow-credentials true cf-ray 7e156f762fe23a05-YYZ access-control-allow-headers Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
GET H2	200	data.js Show response js.squareupsandbox.com/payments/	88 KB 27 KB	335ms 269ms	Script application/javascript	162.159.140.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.squareupsandbox.com/payments/data.js Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/v1/square.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.28 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75789bb535fa89872844254cc6eab6ec8ebe7a27b114a46db2d2331de068bfa0 Security Headers Name Value Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 04 Jul 2023 06:50:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC x-sq-dc sjc2b x-permitted-cross-domain-policies none strict-transport-security max-age=631152000; includeSubDomains; preload server cloudflare x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript x-sq-region sjc2b cf-ray 7e156f780a6ba210-YYZ x-xss-protection 1; mode=block
GET H2	200	single-card-element-iframe.html Show response sandbox.web.squarecdn.com/1.50.1/ Frame 97C4	8 KB 2 KB	24ms 23ms	Document text/html	2600:9000:23ca:4e00:1:f8a6:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sandbox.web.squarecdn.com/1.50.1/single-card-element-iframe.html Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/v1/square.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23ca:4e00:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475 Request headers Referer https://stcqaclient.shopthecart.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-methods GET, HEAD access-control-allow-origin * access-control-max-age 300 age 64836 cache-control public, max-age=300 content-encoding gzip content-type text/html date Mon, 03 Jul 2023 12:50:06 GMT etag W/"03e704396b83c27986cdb35eb350b127" last-modified Tue, 27 Jun 2023 23:19:19 GMT server AmazonS3 vary Accept-Encoding via 1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront) x-amz-cf-id EXTaiCegWnpTn-RZ0X45eIVZH9NTyRRcNU6EK43Y6sSuwSAnMIbAaQ== x-amz-cf-pop JFK50-P2 x-amz-meta-md5checksum A+cEOWuDwnmGzbNes1CxJw== x-amz-meta-websdk-version 1.50.1 x-amz-replication-status COMPLETED x-amz-server-side-encryption AES256 x-amz-version-id 9g8ckVlrsKeYDc_Awgsrn5kSLKCqeIgh x-cache Hit from cloudfront
GET H2	200	card-wrapper.css sandbox.web.squarecdn.com/1.50.1/	5 KB 2 KB	20ms 20ms	Stylesheet text/css	2600:9000:23ca:4e00:1:f8a6:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sandbox.web.squarecdn.com/1.50.1/card-wrapper.css Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/v1/square.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23ca:4e00:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8 Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 12:50:07 GMT x-amz-version-id GZ_4O5e8qWPUYTuX.sVLhkIz325oSVlb content-encoding gzip via 1.1 bd3e3884ce6fe1fd36336541cce9ec7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P2 age 64835 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED x-amz-meta-websdk-version 1.50.1 last-modified Tue, 27 Jun 2023 23:19:19 GMT server AmazonS3 etag W/"fc8dede0a55deae1322d5d80b0e848a9" access-control-max-age 300 access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * x-amz-meta-md5checksum /I3t4KVd6uEyLV2AsOhIqQ== cache-control public, max-age=300 vary Accept-Encoding x-amz-cf-id oCbds6wMFYiuet01Ifh2QG3A1iclQI7OPWQnFYCOnIu4LNMu8MeG8w==
GET H/1.1	200 OK	2aaf0723e720e8b9-s.p.woff2 stcqaclient.shopthecart.ca/_next/static/media/	37 KB 37 KB	39ms 39ms	Font font/woff2	3.23.101.25 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stcqaclient.shopthecart.ca/_next/static/media/2aaf0723e720e8b9-s.p.woff2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.23.101.25 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-23-101-25.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34 Request headers Referer https://stcqaclient.shopthecart.ca/ Origin https://stcqaclient.shopthecart.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 04 Jul 2023 06:50:41 GMT Last-Modified Tue, 04 Jul 2023 06:48:37 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"9394-1891fa90445" Content-Type font/woff2 Cache-Control no-store, must-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 37780
GET DATA	200 OK	truncated /	487 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f89929a556909e88126e8544bcc55ae94f6a967d723306b74c63907ca65e8619 Request headers Referer Origin https://stcqaclient.shopthecart.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	SquareSansText-Regular.woff2 square-fonts-production-f.squarecdn.com/square-text/	32 KB 32 KB	86ms 11ms	Font font/woff2	151.101.1.49 FASTLY
General Check archive.org Show headers Download Go to Full URL https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2 Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/1.50.1/card-wrapper.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.49 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83 Request headers Referer https://sandbox.web.squarecdn.com/ Origin https://stcqaclient.shopthecart.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id QOKhsyK8X68AxVIMO80C44ymI5m8cyAK date Tue, 04 Jul 2023 06:50:41 GMT via 1.1 varnish x-amz-request-id R0BPZ0B9HEYD6BPQ age 7287399 x-amz-server-side-encryption AES256 x-cache HIT content-length 32724 x-amz-id-2 6EdjxBssj4gFWlJNSRPMAj//jOjpDtaFb02gA+jdKduzViSBa1JIp8OvxEXkhJ2ftWz8KZMpOAs= x-served-by cache-yul12832-YUL last-modified Mon, 10 Apr 2023 22:33:04 GMT server AmazonS3 x-timer S1688453441.384537,VS0,VE0 etag "8bd78348f371229eadd661171386f3b8" content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-cache-hits 10500
GET H2	200	SquareSansText-Regular.woff2 square-fonts-production-f.squarecdn.com/square-text/ Frame 97C4	32 KB 32 KB	73ms 11ms	Font font/woff2	151.101.1.49 FASTLY
General Check archive.org Show headers Download Go to Full URL https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.49 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83 Request headers Referer https://sandbox.web.squarecdn.com/ Origin https://sandbox.web.squarecdn.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id QOKhsyK8X68AxVIMO80C44ymI5m8cyAK date Tue, 04 Jul 2023 06:50:41 GMT via 1.1 varnish x-amz-request-id R0BPZ0B9HEYD6BPQ age 7287399 x-amz-server-side-encryption AES256 x-cache HIT content-length 32724 x-amz-id-2 6EdjxBssj4gFWlJNSRPMAj//jOjpDtaFb02gA+jdKduzViSBa1JIp8OvxEXkhJ2ftWz8KZMpOAs= x-served-by cache-yul12832-YUL last-modified Mon, 10 Apr 2023 22:33:04 GMT server AmazonS3 x-timer S1688453441.384591,VS0,VE0 etag "8bd78348f371229eadd661171386f3b8" content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-cache-hits 10501
POST H2	204	v2 pci-connect.squareupsandbox.com/payments/mtx/	0 87 B	228ms 227ms	Ping text/plain	172.66.0.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pci-connect.squareupsandbox.com/payments/mtx/v2 Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/v1/square.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://stcqaclient.shopthecart.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=utf-8 Response headers date Tue, 04 Jul 2023 06:50:41 GMT strict-transport-security max-age=631152000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-sq-dc sjc2b x-permitted-cross-domain-policies none x-sq-region sjc2b x-xss-protection 1; mode=block server cloudflare x-download-options noopen vary Origin, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://stcqaclient.shopthecart.ca x-frame-options SAMEORIGIN access-control-allow-credentials true cf-ray 7e156f793a833a05-YYZ access-control-allow-headers Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
GET H2	200	frame.html Show response connect.squareupsandbox.com/payments/data/ Frame 977A	33 KB 12 KB	208ms 197ms	Document text/html	162.159.140.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fstcqaclient.shopthecart.ca%2F Requested by Host: js.squareupsandbox.com URL: https://js.squareupsandbox.com/payments/data.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.28 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 753237d947776fe0ac4d4e831293cec24b7bed36d563b723c981dfcf9e4c0dc5 Security Headers Name Value Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Asandbox&service=payapi-analytics Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://stcqaclient.shopthecart.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 7e156f79ebf1a210-YYZ content-encoding gzip content-security-policy default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Asandbox&service=payapi-analytics content-type text/html date Tue, 04 Jul 2023 06:50:41 GMT expires Thu, 01 Jan 1970 00:00:00 UTC pragma no-cache server cloudflare strict-transport-security max-age=631152000; includeSubDomains; preload vary Origin, Accept-Encoding x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-sq-dc sjc2b x-sq-region sjc2b x-xss-protection 1; mode=block
GET H2	200	/ Show response nd.squarecdn.com/2.2/w/w-669810/sync/js/	306 KB 57 KB	150ms 66ms	Script application/javascript	99.83.176.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nd.squarecdn.com/2.2/w/w-669810/sync/js/ Requested by Host: js.squareupsandbox.com URL: https://js.squareupsandbox.com/payments/data.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.176.153 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ab3378e3025098c17.awsglobalaccelerator.com Software nginx / Resource Hash d59711802a6efed1ca890adc9da4c6793457d2f49081074aadcd73f66883af14 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains X-Content-Type-Options nosniff, nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nds-datacontractrequirement1 Placement, No matching URL placement for w-669810 at https://stcqaclient.shopthecart.ca/. date Tue, 04 Jul 2023 06:50:41 GMT strict-transport-security max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains x-content-type-options nosniff, nosniff, nosniff x-nds-datacontractrequirement2 Placement, Placement page number has not been detected. server nginx content-encoding gzip x-frame-options SAMEORIGIN, SAMEORIGIN vary Accept-Encoding content-type application/javascript x-nds-datacontractrequirement0 Placement, Placement page has not been detected. x-xss-protection 1; mode=block, 1; mode=block
POST H2	204	v2 pci-connect.squareupsandbox.com/payments/mtx/ Frame 61A4	0 44 B	189ms 188ms	Ping text/plain	172.66.0.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pci-connect.squareupsandbox.com/payments/mtx/v2 Requested by Host: sandbox.web.squarecdn.com URL: https://sandbox.web.squarecdn.com/1.50.1/main-iframe.html?applicationId=sandbox-sq0idb-TCfDHGnt3pJlc_9zvLXefA&hostname=stcqaclient.shopthecart.ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://sandbox.web.squarecdn.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=utf-8 Response headers date Tue, 04 Jul 2023 06:50:41 GMT strict-transport-security max-age=631152000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-sq-dc sjc2b x-permitted-cross-domain-policies none x-sq-region sjc2b x-xss-protection 1; mode=block server cloudflare x-download-options noopen vary Origin, Accept-Encoding access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://sandbox.web.squarecdn.com x-frame-options SAMEORIGIN access-control-allow-credentials true cf-ray 7e156f7a2b3d3a05-YYZ access-control-allow-headers Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
GET H2	200	/ Show response nd.squarecdn.com/2.2/w/w-669810/init/js/	537 B 1 KB	45ms 44ms	Script application/javascript	99.83.176.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://nd.squarecdn.com/2.2/w/w-669810/init/js/?q=%7B%22e%22%3A2301%2C%22oq%22%3A%221600%3A1200%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-1%22%2C%22ji%22%3A%222.3.1%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Ffgpdnpyvrag.fubcgurpneg.pn%2F%22%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C0%7Cra-HF%7Coc1-q400qo6n8n86q525%7Csnyfr%7C%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F114.0.5735.198%20Fnsnev%2F537.36%7Cjt1-n46p01n68sp5740r%22%7D Requested by Host: nd.squarecdn.com URL: https://nd.squarecdn.com/2.2/w/w-669810/sync/js/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.176.153 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ab3378e3025098c17.awsglobalaccelerator.com Software nginx / Resource Hash 8fcec3d9f48f6fb6aa12d67aa07f0bc4bc524db75657cf4b836c0c2065556bcf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://stcqaclient.shopthecart.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 04 Jul 2023 06:50:41 GMT strict-transport-security max-age=31536000; includeSubDomains; x-content-type-options nosniff, nosniff server nginx x-frame-options SAMEORIGIN access-control-allow-methods GET, POST content-type application/javascript access-control-allow-origin * content-length 537 x-xss-protection 1; mode=block
POST H2	202	logs csp-report.browser-intake-datadoghq.com/api/v2/ Frame 977A	0 0	183ms 115ms	Other application/json	2600:1f18:24e6:b902:e19f:4bd5:25b2:7cc7 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Asandbox&service=payapi-analytics Requested by Host: stcqaclient.shopthecart.ca URL: https://stcqaclient.shopthecart.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:24e6:b902:e19f:4bd5:25b2:7cc7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://connect.squareupsandbox.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/csp-report Response headers
POST H2	200	token Show response connect.squareupsandbox.com/v2/analytics/ Frame 977A	108 B 524 B	205ms 205ms	XHR application/json	162.159.140.28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://connect.squareupsandbox.com/v2/analytics/token Requested by Host: connect.squareupsandbox.com URL: https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fstcqaclient.shopthecart.ca%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.140.28 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7527ca80eb7c2813c0e46790eb9a71684e3eddfcb83df89d5a68d36cb85794e9 Security Headers Name Value Strict-Transport-Security max-age=631152000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fstcqaclient.shopthecart.ca%2F accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers date Tue, 04 Jul 2023 06:50:42 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC x-sq-dc sjc2b square-version 2019-12-17 strict-transport-security max-age=631152000; includeSubDomains; preload x-permitted-cross-domain-policies none x-speleo-traceid CDN-3aca85b1-7e2b-4b2c-a31f-568d886291f5 x-sq-region sjc2b content-length 124 x-xss-protection 1; mode=block server cloudflare x-download-options noopen vary Origin, Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://connect.squareupsandbox.com x-frame-options SAMEORIGIN access-control-allow-credentials true cf-ray 7e156f7bed2ea210-YYZ access-control-allow-headers Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| onbeforetoggle object| onscrollend object| webpackChunk_N_E function| $RefreshReg$ function| $RefreshSig$ function| webpackHotUpdate_N_E object| __REACT_DEVTOOLS_GLOBAL_HOOK__ object| $RefreshHelpers$ function| $RefreshInterceptModuleExecution$ object| _N_E function| __next_require__ number| __nextDevClientId boolean| _nextSetupHydrationWarning object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __DEV_MIDDLEWARE_MATCHERS object| __SENTRY__ object| Square object| ndsapi string| ndjsStaticVersion object| nslyyidtyi function| nsbopifkz object| nslgf function| nsgukkeb boolean| nsdwhx number| nsviymjoy function| getEnabledEvents number| nsbopifk object| nsbopi function| nsgukkebkh function| nscavjydje object| nsgukk object| nscav object| nsgukkebk object| nsviymjoyg object| nslyyidt function| nseyqlyr boolean| nsfkgjo string| nscavjy object| nscavj object| nslyyid object| nds object| nsdwhxu number| numQueries function| attachEventListener function| nsyohyfq object| returned string| version string| ndsWidgetVersion string| nsviym function| nspkx function| nstuky string| nsviy function| nstnagvv string| nsfkgjoq string| nsdwhxurq string| nsfkgjoqr string| nsdwhxur string| nsfkgj object| nsdwhxurqd object| nslgfnp function| nsguk function| nstna function| nsgukke function| nslyyi function| nseyqlyrf function| nstuk function| nsejsnf function| nsuksw function| validateSessionIdCookie function| nsyohy function| nstnagv function| nstukyivzx function| nsamh function| HashUtil function| nsyohyf function| nsuksww function| nsamhnfk function| nstnag function| nsejsn function| nsyohyfqp function| nsejsnfwm function| nsukswwaaw function| nstnagvvl function| nstukyiv function| nsyoh object| nsbopifkzi string| nslyyidty string| NDS_LISTEN_FOCUS string| NDS_LISTEN_TOUCH string| NDS_LISTEN_KEYBOARD string| NDS_LISTEN_DEVICE_MOTION_SENSORS string| NDS_LISTEN_MOUSE string| NDS_LISTEN_FORM string| NDS_LISTEN_ALL string| NDS_LISTEN_NONE function| nsuks string| nslgfnpyxj function| nstnagvvln string| nsviymjo string| nslgfn function| nseyq string| nslgfnpyx function| nsamhnfki string| nscavjyd function| nseyql string| nsfkg string| nsfkgjoqrf string| nslyy string| nsbop function| nsukswwa string| nslgfnpy string| nsviymj string| nsdwh object| nsbopif function| nsejsnfwmi function| ndoIsKeyIncluded function| ndoIsModifierKey function| nstukyivz function| ndoIsNavigationKey function| ndoIsEditingKey function| nsyohyfqpw object| KEYBOARD_LOCATION object| KEY_TYPE_AND_LOCATION function| nseyqlyrfu function| ndoGetKeyboardLocation function| ndoGetKeyTypeAndLocationIndicator function| ndoGetObjectKeys function| nsejsnfw function| ndwti boolean| nscavjydj function| nstukyi function| nspkxyn function| nsukswwaa function| ndwts function| nsqvjs function| nsdkfgxenr function| nsmioi function| nsdkfg function| ThreeDS2Service function| ChallengeParameters object| ThreeDS

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.squareupsandbox.com/	1970-01-20 22:36:53	Name: _savt Value: b9c59885-a047-4c67-996b-7cae6dd3a225
			.squareupsandbox.com/	1970-01-20 13:00:55	Name: __cf_bm Value: KJr_Xrm2e7R1EqD336wv_ft08id3ovk7kmgqaGHzLP8-1688453441-0-AdenLilw2Vc43Hf0X5KbhYwPovEM06fjgKno1SWcc6m+89yaL7v2flu2jUkP8TuElw+3JeL9kV6rqwvzImuqkog=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.squareupsandbox.com
csp-report.browser-intake-datadoghq.com
js.squareupsandbox.com
nd.squarecdn.com
pci-connect.squareupsandbox.com
qastcapi.nexti.in
sandbox.web.squarecdn.com
square-fonts-production-f.squarecdn.com
stcqaclient.shopthecart.ca
151.101.1.49
162.159.140.28
172.66.0.28
18.191.222.41
2600:1f18:24e6:b902:e19f:4bd5:25b2:7cc7
2600:9000:23ca:4e00:1:f8a6:840:93a1
3.23.101.25
99.83.176.153
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
150be23eda51537000ba7df823b8ea823e0b6c7583c8d6e5fe424fc529ab30d8
1673b1918f86b6ff5f767c8941821c8a81f856e1b6ee755ef8dfcd39b3030ac4
25d017480ae2395572722ff8bc1f0e6b59a0befb31dbbc37452d2bc6f32d8202
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
7207c980ba19a0bc28ccd5152d614370bfc0cedd6e42294e7bb883a0053bf227
7527ca80eb7c2813c0e46790eb9a71684e3eddfcb83df89d5a68d36cb85794e9
753237d947776fe0ac4d4e831293cec24b7bed36d563b723c981dfcf9e4c0dc5
75789bb535fa89872844254cc6eab6ec8ebe7a27b114a46db2d2331de068bfa0
7ce044f7d528027f8be8fc0fcef4974061b1c3b16d2b18e7ed50ede90d0a0d0f
8452c65df6daa84b0560f84be881cb66ca1ed04cac4aaf65de202ef23d209498
8fcec3d9f48f6fb6aa12d67aa07f0bc4bc524db75657cf4b836c0c2065556bcf
90fa6dcdd4bfceff8e8e515a57db92f6e161718083727123206269b835d5b2ca
a106a364bd251e52d724c7f9ab541f8cd36b39d5a68cf9c3763b8bda083d1c7f
b78a3abcdd85e778d3c4c8cd915777377d052dc57a0bd4c4086a5c3e7a0adc8f
c40dc3a566255e94fd1d883f69ac515671feb005479f65c34ff8443a3e66edfc
ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83
d59711802a6efed1ca890adc9da4c6793457d2f49081074aadcd73f66883af14
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
dea10d3dcea4ad020302f684958b2b3f7c48638d8a340ccd7de96cdf2d78cd13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40aa34cd553dc07205bb6982f4b3e790ca9c426a32eae4a4ba444242022f4b7
ea6c8aa1ba5ecbec1b0e4fae8fefb6995ad4dac6d8b6a3475bdb050d5c91b41c
f89929a556909e88126e8544bcc55ae94f6a967d723306b74c63907ca65e8619