Submitted URL: https://scysvr03.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquare.link%2Fu%2FV7qVUWFm%3Fsrc=sqmktg/1/010101819897671d-fcb003d2-0237-4dc3-8bc...
Effective URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Submission: On June 27 via manual from US — Scanned from US

Summary

This website contacted 16 IPs in 1 country across 13 domains to perform 74 HTTP transactions. The main IP is 199.34.228.38, located in United States and belongs to WEEBLY, US. The main domain is checkout.square.site. The Cisco Umbrella rank of the primary domain is 280172.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 7th 2022. Valid for: a year.
This is the only time checkout.square.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
22 | google.com | pay.google.com — Cisco Umbrella Rank: 4221; play.google.com — Cisco Umbrella Rank: 46 | 400 KB
15 | editmysite.com | cdn3.editmysite.com — Cisco Umbrella Rank: 28951; cdn2.editmysite.com — Cisco Umbrella Rank: 12853; ec.editmysite.com — Cisco Umbrella Rank: 13872 | 2 MB
11 | squareup.com | js.squareup.com — Cisco Umbrella Rank: 19430; pci-connect.squareup.com — Cisco Umbrella Rank: 37148; connect.squareup.com — Cisco Umbrella Rank: 38850; squareup.com — Cisco Umbrella Rank: 9748 | 78 KB
8 | gstatic.com | www.gstatic.com | 186 KB
7 | squarecdn.com | web.squarecdn.com — Cisco Umbrella Rank: 40470; square-fonts-production-f.squarecdn.com — Cisco Umbrella Rank: 41135; nd.squarecdn.com — Cisco Umbrella Rank: 53174 | 256 KB
6 | square.site | checkout.square.site — Cisco Umbrella Rank: 280172 | 9 KB
1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 49 | 20 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 71 | 1 KB
1 | cloudfront.net | d1g145x70srn7h.cloudfront.net | 29 KB
1 | amazonaws.com | items-images-production.s3.us-west-2.amazonaws.com — Cisco Umbrella Rank: 546602 | 742 KB
1 | sentry.io | o160250.ingest.sentry.io — Cisco Umbrella Rank: 200799 | 280 B
1 | square.link | square.link — Cisco Umbrella Rank: 532572 | 254 B
1 | awstrack.me | scysvr03.r.us-west-2.awstrack.me — Cisco Umbrella Rank: 141554 | 155 B
Total: 74 requests, 13 domains

Requests | Domain | Requested by
16 | play.google.com | www.gstatic.com
10 | cdn3.editmysite.com | checkout.square.site; cdn3.editmysite.com
8 | www.gstatic.com | pay.google.com; www.gstatic.com
6 | pay.google.com | web.squarecdn.com; pay.google.com; checkout.square.site; www.gstatic.com
6 | pci-connect.squareup.com | web.squarecdn.com
6 | checkout.square.site | cdn3.editmysite.com
4 | web.squarecdn.com | cdn3.editmysite.com; web.squarecdn.com
3 | cdn2.editmysite.com | cdn3.editmysite.com
2 | nd.squarecdn.com | js.squareup.com; nd.squarecdn.com
2 | connect.squareup.com | js.squareup.com; connect.squareup.com
2 | ec.editmysite.com | cdn3.editmysite.com
2 | js.squareup.com | cdn3.editmysite.com; web.squarecdn.com
1 | www.google-analytics.com | www.gstatic.com
1 | squareup.com | checkout.square.site
1 | fonts.googleapis.com | client
1 | square-fonts-production-f.squarecdn.com |
1 | d1g145x70srn7h.cloudfront.net | web.squarecdn.com
1 | items-images-production.s3.us-west-2.amazonaws.com | checkout.square.site
1 | o160250.ingest.sentry.io | cdn3.editmysite.com
1 | square.link | 1 redirects
1 | scysvr03.r.us-west-2.awstrack.me | 1 redirects
Total: 74 requests, 21 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.square.site | Entrust Certification Authority - L1K | 2022-02-07 - 2023-02-26 | a year
*.editmysite.com | GlobalSign Atlas R3 DV TLS CA 2022 Q1 | 2022-02-15 - 2023-03-19 | a year
*.ingest.sentry.io | R3 | 2022-06-21 - 2022-09-19 | 3 months
*.s3-us-west-2.amazonaws.com | Amazon | 2021-12-17 - 2022-11-29 | a year
*.squareup.com | Entrust Certification Authority - L1K | 2021-11-08 - 2022-11-07 | a year
web.squarecdn.com | Amazon | 2022-05-02 - 2023-05-31 | a year
ec.editmysite.com | Amazon | 2021-08-11 - 2022-09-09 | a year
*.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.squarecdn.com | Entrust Certification Authority - L1K | 2022-01-18 - 2023-02-15 | a year
nd.squarecdn.com | Amazon | 2022-01-25 - 2023-02-23 | a year
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
squareup.com | R3 | 2022-06-04 - 2022-09-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months

This page contains 6 frames:

Primary Page: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Frame ID: 4DBD4C4B87E93C6532D4C6E4209B098E
Requests: 33 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.33.3/main-iframe.html?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site
Frame ID: 61224442EA4C0FC0F1F30D4912535585
Requests: 4 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.33.3/single-card-element-iframe.html
Frame ID: 42234D65186A69DACB68F94F8D1CD602
Requests: 2 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fcheckout.square.site%2Fmerchant%2FFDJSZFKGKWK8A%2Fcheckout%2FV52Z3O2MP7ETBVZIUDRKWAHK%3Fsrc%3Dsqmktg
Frame ID: 5F2A54C1212111B7EA16A693FFED11E7
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcheckout.square.site&mid=
Frame ID: 9618F6851D582E19A89BB826A2D4EE7B
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static
Frame ID: 9560034B407B097C798C0A572D0CB434
Requests: 6 HTTP requests in this frame

Page Title

ElementsHTX

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\d+\.editmysite\.com

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • js\.squareup\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

Requests: 74
HTTPS: 100 %
IPv6: 39 %
Domains: 13
Subdomains: 21
IPs: 16
Countries: 1
Transfer: 3611 kB
Size: 10350 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://scysvr03.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquare.link%2Fu%2FV7qVUWFm%3Fsrc=sqmktg/1/010101819897671d-fcb003d2-0237-4dc3-8bcd-2c9d698198ff-000000/fuQm-VxIcVjndjswfYx5QGFkqug=276 HTTP 302
    https://square.link/u/V7qVUWFm?src=sqmktg HTTP 303
    https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request V52Z3O2MP7ETBVZIUDRKWAHK
checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/
Redirect Chain
  • https://scysvr03.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquare.link%2Fu%2FV7qVUWFm%3Fsrc=sqmktg/1/010101819897671d-fcb003d2-0237-4dc3-8bcd-2c9d698198ff-000000/fuQm-VxIcVjndjswfYx5QGFkqug=276
  • https://square.link/u/V7qVUWFm?src=sqmktg
  • https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
6 KB
3 KB
Document
General
Full URL
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.38 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
checkout.square.site
Software
nginx /
Resource Hash
03c319cf3522580991aa5c245c75ded4e676a030a739bde3990850639ff46bfd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Jun 2022 13:41:26 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Host
grn63.sf2p.intern.weebly.net
X-RateLimit-Limit
100
X-RateLimit-Remaining
99
X-Request-ID
b89f311198f2c01d8009462348d4c315
X-Revision
1221f10f5dec48eff6c1cdf59486174a39997d4f
X-W-DC
SFO

Redirect headers

content-length
0
date
Mon, 27 Jun 2022 13:41:25 GMT
frame-options
DENY
location
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
strict-transport-security
max-age=631152000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
system.min.edf02612a6bb463d71cb5efc5a4b495e.js
cdn3.editmysite.com/app/checkout/assets/checkout/js/
12 KB
5 KB
Script
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2dcf45da386abc134ac7a7d918fb0385920056ce12c85d75a1318bcdabad768f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
7759749
x-cache
HIT
x-w-dc
SFO
content-length
4998
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Tue, 29 Mar 2022 18:09:33 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438192,VS0,VE0
etag
W/"40372ca3b0cfa19f4e5d664243108364"
vary
Accept-Encoding
x-amz-request-id
tx00000000000005d50b1c5-0062434bb5-a9f41e7-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
33285
cko.f903b1b782eaf55924e7.css
cdn3.editmysite.com/app/checkout/assets/checkout/css/
96 KB
22 KB
Stylesheet
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout/css/cko.f903b1b782eaf55924e7.css
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7334366ccd817094122fa5ad56a0ec2e5cb6b6705d260bdea169caa6971d4d78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
417057
x-cache
HIT
x-w-dc
SFO
content-length
21863
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Wed, 22 Jun 2022 17:48:46 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438273,VS0,VE0
etag
W/"04d4d3c7f02110d2351eda86f281ba9b"
vary
Accept-Encoding
x-amz-request-id
tx00000000000001fedf202-0062b35665-b9fbc64-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
7566
vendors.2ec3751248bf15396e22.css
cdn3.editmysite.com/app/checkout/assets/checkout-links/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout-links/css/vendors.2ec3751248bf15396e22.css
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
212829863a1178b2a5b1f1006a2bf5755ba42c7a8c5a30998c7e722ea285717c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
1145414
x-cache
HIT
x-w-dc
SFO
content-length
3072
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Thu, 21 Apr 2022 19:25:42 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438225,VS0,VE0
etag
W/"d80b6c17ff08239770be4f3893c9b6f5"
vary
Accept-Encoding
x-amz-request-id
tx000000000000018edc605-0062a83940-b9fbc7f-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
2
main.81a96c139b64d2db2f0f.css
cdn3.editmysite.com/app/checkout/assets/checkout-links/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout-links/css/main.81a96c139b64d2db2f0f.css
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
461a113de727a412cdca77de58343e52874b5a140542da04e696cfd97b1ca150

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
1149705
x-cache
HIT
x-w-dc
SFO
content-length
2830
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Tue, 31 May 2022 23:19:40 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438209,VS0,VE0
etag
W/"fea91865227ea480daa63676de4fc3c6"
vary
Accept-Encoding
x-amz-request-id
tx00000000000001378ccda-00629f85bc-b9fbc29-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
2
runtime.946ff30e2070450a8292.en.js
cdn3.editmysite.com/app/checkout/assets/checkout-links/js/
2 KB
1 KB
Script
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/runtime.946ff30e2070450a8292.en.js
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d58fd68ce2c9d26f847665f5656aaa2c2fd81b75b764f43e4e61b2e66cf364d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
2272594
x-cache
HIT
x-w-dc
SFO
content-length
957
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Mon, 11 Oct 2021 21:16:26 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438177,VS0,VE0
etag
W/"011d86f994094837e19f21864f9bc95a"
vary
Accept-Encoding
x-amz-request-id
tx000000000000003f99af1-0062869103-b9fbc7f-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout-links/js/runtime.946ff30e2070450a8292.en.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
2
vendors.252e6744cc86047fc4a1.en.js
cdn3.editmysite.com/app/checkout/assets/checkout-links/js/
915 KB
300 KB
Script
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7d0df82d8a0b21ec077a52d95ea03e2fbcf90368649de31c28795fe00c42d49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
1052788
x-cache
HIT
x-w-dc
SFO
content-length
306691
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Thu, 21 Apr 2022 19:25:43 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438216,VS0,VE1
etag
W/"2ea4934bae02e3d19396569224c5f460"
vary
Accept-Encoding
x-amz-request-id
tx000000000000007d15806-006261b06a-4d62951-las
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
main.177995d3693b48dc1de7.en.js
cdn3.editmysite.com/app/checkout/assets/checkout-links/js/
898 KB
189 KB
Script
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/main.177995d3693b48dc1de7.en.js
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c41c37fde1650ef059ff880952e6fa3c949c82351d7593d6f9a36d8ba9562733

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
399727
x-cache
HIT
x-w-dc
SFO
content-length
193174
via
1.1 varnish
x-served-by
cache-ewr18137-EWR
last-modified
Wed, 22 Jun 2022 22:36:22 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337286.438176,VS0,VE1
etag
W/"fe5862c1bcfee5b750eb1f3094ea85ac"
vary
Accept-Encoding
x-amz-request-id
tx0000000000000202b27a5-0062b39a17-b9fbc29-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout-links/js/main.177995d3693b48dc1de7.en.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
imports.en.f0c859889446f582e83ccb110b84e4cb.js
cdn3.editmysite.com/app/checkout/assets/checkout/
616 B
797 B
Fetch
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.f0c859889446f582e83ccb110b84e4cb.js
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95d36807cbc8a52ea571a40baa48f8bd0c767b304ea10f4409106860ac965771

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
308971
x-cache
HIT
x-w-dc
SFO
content-length
295
via
1.1 varnish
x-served-by
cache-ewr18126-EWR
last-modified
Thu, 23 Jun 2022 23:50:03 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337287.724741,VS0,VE0
etag
W/"f0c859889446f582e83ccb110b84e4cb"
vary
Accept-Encoding
x-amz-request-id
tx000000000000020f622bd-0062b4fc8d-b9fbc64-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.f0c859889446f582e83ccb110b84e4cb.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
6914
/
o160250.ingest.sentry.io/api/5930781/envelope/
2 B
280 B
Fetch
General
Full URL
https://o160250.ingest.sentry.io/api/5930781/envelope/?sentry_key=8ce2a7b5bf1f478abe3434882e92a849&sentry_version=7
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://checkout.square.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://checkout.square.site
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
snowday262.js
cdn2.editmysite.com/js/wsnbn/
73 KB
25 KB
Script
General
Full URL
https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/main.177995d3693b48dc1de7.en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
x-cache-hits
2, 22965
age
363765
x-cache
HIT, HIT
x-host
blu100.sf2p.intern.weebly.net
content-length
25752
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10029-SJC, cache-ewr18137-EWR
last-modified
Wed, 22 Jun 2022 00:08:55 GMT
server
nginx
x-timer
S1656337287.721189,VS0,VE0
etag
"62b25d97-124fe"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Thu, 07 Jul 2022 08:38:41 GMT
V52Z3O2MP7ETBVZIUDRKWAHK
checkout.square.site/api/merchant/FDJSZFKGKWK8A/checkout/
2 KB
1002 B
XHR
General
Full URL
https://checkout.square.site/api/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.38 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
checkout.square.site
Software
nginx /
Resource Hash
8439d9b87b97cfbc6c7ec99eb415278a5b1f42c629ff72bd23356f90f3e6f3db

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
sentry-trace
5097d0cfb0e44f4d8192cf8171d792f4-9ab5f7097bd2ad86-1
Content-Type
application/json

Response headers

Date
Mon, 27 Jun 2022 13:41:27 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
X-W-DC
SFO
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Host
grn63.sf2p.intern.weebly.net
Connection
keep-alive
X-Revision
1221f10f5dec48eff6c1cdf59486174a39997d4f
X-Request-ID
ceffa1df7dfdd905e2a35e4fd4c9cf61
original.png
items-images-production.s3.us-west-2.amazonaws.com/files/558164d9d787d7f3bc3fe99059e2d7967737836c/
742 KB
742 KB
Image
General
Full URL
https://items-images-production.s3.us-west-2.amazonaws.com/files/558164d9d787d7f3bc3fe99059e2d7967737836c/original.png
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.177.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
947de032d10169ce4108094591279f5d4d1e590a72d78f17bc04780feb5e8753

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 27 Jun 2022 13:41:28 GMT
Last-Modified
Fri, 24 Jun 2022 22:54:10 GMT
Server
AmazonS3
x-amz-request-id
4H9RQ42RPRWYEVCM
ETag
"1eff0ce5ece6220378b26d9dd4072b51"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
759486
x-amz-id-2
0Et85VKQ4u2uPuQhpGpsD22TEM0DdvIMhjAfYWF0Cj7b+jXeMlP2UmvN2zPGPVHJjwjI5CYfYSM=
sqmarket-medium.woff
cdn2.editmysite.com/fonts/SQ_Market/
40 KB
41 KB
Font
General
Full URL
https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/css/cko.f903b1b782eaf55924e7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f321df4af5ea5d9ad9d0840c3f6b332567584620efedd1fade186123abc7479e

Request headers

Referer
https://cdn3.editmysite.com/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
via
1.1 varnish, 1.1 varnish
age
451263
x-cache
HIT, HIT
x-host
blu96.sf2p.intern.weebly.net
content-length
41400
x-served-by
cache-sjc10037-SJC, cache-ewr18126-EWR
last-modified
Tue, 21 Jun 2022 17:19:15 GMT
server
nginx
x-timer
S1656337287.735810,VS0,VE0
etag
"62b1fd93-a1b8"
x-cache-hits
2, 9291
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Wed, 06 Jul 2022 08:20:23 GMT
sqmarket-regular.woff
cdn2.editmysite.com/fonts/SQ_Market/
38 KB
38 KB
Font
General
Full URL
https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-regular.woff
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/css/cko.f903b1b782eaf55924e7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e094fc97ee2575583299cc73a332e742c43a80e5fefeb3579fe3c5108c535f7

Request headers

Referer
https://cdn3.editmysite.com/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
via
1.1 varnish, 1.1 varnish
age
1131511
x-cache
HIT, HIT
x-host
grn86.sf2p.intern.weebly.net
content-length
39020
x-served-by
cache-sjc10074-SJC, cache-ewr18126-EWR
last-modified
Mon, 13 Jun 2022 16:17:24 GMT
server
nginx
x-timer
S1656337287.735784,VS0,VE0
etag
"62a76314-986c"
x-cache-hits
1, 8140
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
expires
Tue, 28 Jun 2022 11:22:55 GMT
paymentform
js.squareup.com/v2/
161 KB
45 KB
Script
General
Full URL
https://js.squareup.com/v2/paymentform
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
6a0b6b79b4f8afe5801a48261da73974aaafc6d2dc19281476653df5081afbd7
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.square.site/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript
access-control-allow-origin
https://checkout.square.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Allow-Cookies, X-Block-Cookies
expires
Thu, 01 Jan 1970 00:00:00 UTC
soccko.bcdb8dfcafb67b866126.js
cdn3.editmysite.com/app/checkout/assets/checkout/js/en/
2 MB
631 KB
Script
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout/js/en/soccko.bcdb8dfcafb67b866126.js
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c406347c8b5835926f4eb134f29533e5443037d19f31e9e2c73051a4cbd0c071

Request headers

Referer
https://checkout.square.site/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
308971
x-cache
HIT
x-w-dc
SFO
content-length
645953
via
1.1 varnish
x-served-by
cache-ewr18126-EWR
last-modified
Thu, 23 Jun 2022 23:50:04 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337287.821598,VS0,VE1
etag
W/"9f3d5193fb09203a25d9b5b48615d346"
vary
Accept-Encoding
x-amz-request-id
tx000000000000020bffde9-0062b4fc9b-b9fbc77-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/en/soccko.bcdb8dfcafb67b866126.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
socsandboxcko.94fa6b06115541cfb5d5.js
cdn3.editmysite.com/app/checkout/assets/checkout/js/en/
2 MB
630 KB
Script
General
Full URL
https://cdn3.editmysite.com/app/checkout/assets/checkout/js/en/socsandboxcko.94fa6b06115541cfb5d5.js
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6b58f628460708b9a34fedcc364e2a9b9ab4f00ae34799877e4ab1ddbcd55a7d

Request headers

Referer
https://checkout.square.site/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:26 GMT
content-encoding
gzip
age
308971
x-cache
HIT
x-w-dc
SFO
content-length
644158
via
1.1 varnish
x-served-by
cache-ewr18126-EWR
last-modified
Thu, 23 Jun 2022 23:50:04 GMT
server
nginx
cache-control
max-age=315360000
x-timer
S1656337287.821678,VS0,VE1
etag
W/"6dd5e949cb0d2b9e5c9cb68144582623"
vary
Accept-Encoding
x-amz-request-id
tx00000000000002104aff2-0062b4fc9b-b9fbc29-sfo1
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-rgw-object-type
Normal
sourcemap
https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/en/socsandboxcko.94fa6b06115541cfb5d5.js.map
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
visited
checkout.square.site/api/merchant/FDJSZFKGKWK8A/location/2H8R0XGH3JVZ8/order/koMXWtkgoRGoXijlGPRwnzMxvqWZY/
2 KB
1010 B
XHR
General
Full URL
https://checkout.square.site/api/merchant/FDJSZFKGKWK8A/location/2H8R0XGH3JVZ8/order/koMXWtkgoRGoXijlGPRwnzMxvqWZY/visited
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.38 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
checkout.square.site
Software
nginx /
Resource Hash
10d1a25ec5bf200db1eb559383e634bc01e084244037038878af2936e56354ee

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
sentry-trace
5097d0cfb0e44f4d8192cf8171d792f4-b312115f6db85679-1

Response headers

Date
Mon, 27 Jun 2022 13:41:27 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
X-W-DC
SFO
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Host
grn63.sf2p.intern.weebly.net
Connection
keep-alive
X-Revision
1221f10f5dec48eff6c1cdf59486174a39997d4f
X-Request-ID
051fdf7e29c9eb828ab3c2f0e7d5a915
en-US
checkout.square.site/api/soc-platform/merchant/FDJSZFKGKWK8A/location/2H8R0XGH3JVZ8/order/koMXWtkgoRGoXijlGPRwnzMxvqWZY/bootstrap/
1 KB
1 KB
XHR
General
Full URL
https://checkout.square.site/api/soc-platform/merchant/FDJSZFKGKWK8A/location/2H8R0XGH3JVZ8/order/koMXWtkgoRGoXijlGPRwnzMxvqWZY/bootstrap/en-US
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.38 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
checkout.square.site
Software
nginx /
Resource Hash
b66a157d90e107d03b68ae695c44d8f7091506f43f856f294d5d6b503e7100bc

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
sentry-trace
5097d0cfb0e44f4d8192cf8171d792f4-a2a0d00450c914ed-1

Response headers

Date
Mon, 27 Jun 2022 13:41:27 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
X-W-DC
SFO
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Host
grn63.sf2p.intern.weebly.net
Connection
keep-alive
X-Revision
1221f10f5dec48eff6c1cdf59486174a39997d4f
X-Request-ID
216e44b064b774885b320abe392d6715
ping
checkout.square.site/app/square-sync/published/
0
1 KB
XHR
General
Full URL
https://checkout.square.site/app/square-sync/published/ping
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.38 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
checkout.square.site
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
sentry-trace
5097d0cfb0e44f4d8192cf8171d792f4-97cc161088f44605-1

Response headers

Date
Mon, 27 Jun 2022 13:41:28 GMT
Server
nginx
X-W-DC
SFO
Cache-Control
no-cache, private
X-Host
blu8.sf2p.intern.weebly.net
Connection
keep-alive
X-Revision
190cd77144cbe9dfa9f16538792a3158ff01ea6e
X-Request-ID
bbddb7686a7fb3e8030554c8d65379ab
/
checkout.square.site/api/soc-platform/merchant/FDJSZFKGKWK8A/location/2H8R0XGH3JVZ8/order/koMXWtkgoRGoXijlGPRwnzMxvqWZY/
3 KB
1 KB
XHR
General
Full URL
https://checkout.square.site/api/soc-platform/merchant/FDJSZFKGKWK8A/location/2H8R0XGH3JVZ8/order/koMXWtkgoRGoXijlGPRwnzMxvqWZY/
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.34.228.38 , United States, ASN27647 (WEEBLY, US),
Reverse DNS
checkout.square.site
Software
nginx /
Resource Hash
54e4dcf08a7c20e29c67716c5b14c6ff13e5b19e766c5b96c05eaa5b41ba6806

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
sentry-trace
5097d0cfb0e44f4d8192cf8171d792f4-a848160774ff41a2-1

Response headers

Date
Mon, 27 Jun 2022 13:41:28 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/json
X-W-DC
SFO
Cache-Control
no-cache, private
Transfer-Encoding
chunked
X-Host
grn63.sf2p.intern.weebly.net
Connection
keep-alive
X-Revision
1221f10f5dec48eff6c1cdf59486174a39997d4f
X-Request-ID
062e98f8e20e1ee7b4c3639e91a82dc7
square.js
web.squarecdn.com/v1/
308 KB
85 KB
Script
General
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ef89709c75f752260f764966439edbcce46d1703ccfb82b445ee5cf1ae1c968

Request headers

Referer
https://checkout.square.site/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
LLWkMW44JWiXUPhnIgZnnW7yDEDzSwxz
content-encoding
gzip
etag
W/"6e75f1cf592d44022aaadf17253ebb55"
age
7759
x-cache
Hit from cloudfront
access-control-max-age
300
x-amz-meta-websdk-version
1.33.3
access-control-allow-origin
*
last-modified
Fri, 17 Jun 2022 15:37:49 GMT
server
AmazonS3
date
Mon, 27 Jun 2022 11:35:32 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ffb3cace5d647f21fdf8c68c16a8f2fa.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
f3v-vUra6_pJP5ntritWFJBLWRTThvTacxTdY8MsqFvS8u0F5bC6RA==
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.242.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-242-204.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://checkout.square.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://checkout.square.site
access-control-max-age
5
content-length
0
date
Mon, 27 Jun 2022 13:41:29 GMT
server
nginx
tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/
2 B
324 B
XHR
General
Full URL
https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn3.editmysite.com
URL: https://cdn3.editmysite.com/app/checkout/assets/checkout-links/js/vendors.252e6744cc86047fc4a1.en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.239.242.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-239-242-204.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://checkout.square.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://checkout.square.site
date
Mon, 27 Jun 2022 13:41:29 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/plain; charset=UTF-8
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
main-iframe.html
web.squarecdn.com/1.33.3/ Frame 6122
306 KB
77 KB
Document
General
Full URL
https://web.squarecdn.com/1.33.3/main-iframe.html?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7beede10ce23eb398840c11a7c28035dc2b0366370a5b19bc676c78d6711cb72

Request headers

Referer
https://checkout.square.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
300
age
740
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Mon, 27 Jun 2022 13:31:48 GMT
etag
W/"c120f2a2d920cc14c1cdf67964cd69e8"
last-modified
Tue, 14 Jun 2022 18:53:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a5e3b467ea385e6efe6a1a3ce283b4c0.cloudfront.net (CloudFront)
x-amz-cf-id
wQoGYGi-2MqotfaB7MTIXz27DSxhH327iA50zXfSnySOUi7cRP8I3Q==
x-amz-cf-pop
EWR53-C3
x-amz-meta-websdk-version
1.33.3
x-amz-version-id
pL45LaGcSLjGwpyaBwYQZaWxOtB.AOzM
x-cache
Hit from cloudfront
hydrate
pci-connect.squareup.com/payments/ Frame 6122
1 KB
1 KB
Fetch
General
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site&locationId=2H8R0XGH3JVZ8
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.33.3/main-iframe.html?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
5f2c158e6765aa2db41d9457894ceb87fee551a4f911011358e720adf3335e45
Security Headers
Strict-Transport-Security
max-age=631152000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-09-18
x-speleo-traceid
ATEDbSMMXCaae
vary
Origin, Accept-Encoding
content-length
633
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
hydrate
pci-connect.squareup.com/payments/ Frame
0
0
Preflight
General
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site&locationId=2H8R0XGH3JVZ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Strict-Transport-Security
max-age=631152000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://web.squarecdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://web.squarecdn.com
content-length
0
date
Mon, 27 Jun 2022 13:41:29 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
data.js
js.squareup.com/payments/
59 KB
18 KB
Script
General
Full URL
https://js.squareup.com/payments/data.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
52bbe230b3b32997f60bca80dbeebad06359230a8d2a63116bdd9c8c64cce35e
Security Headers
Strict-Transport-Security
max-age=631152000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
pay.js
pay.google.com/gp/p/js/
95 KB
31 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8ab2b6e48fdef457c84b2b32b1e7a980579dfc50622ee62fcc515b68752399
Security Headers
Content-Security-Policy
script-src 'report-sample' 'nonce-x7NuKX0Vq-MZDFalD8vbCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-x7NuKX0Vq-MZDFalD8vbCg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-x7NuKX0Vq-MZDFalD8vbCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-x7NuKX0Vq-MZDFalD8vbCg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Mon, 27 Jun 2022 13:41:29 GMT
single-card-element-iframe.html
web.squarecdn.com/1.33.3/ Frame 4223
8 KB
2 KB
Document
General
Full URL
https://web.squarecdn.com/1.33.3/single-card-element-iframe.html
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5b6581c03b2aa6925ecb22240b7bb61cdd7684ccce8558cc121de6d25e3a360

Request headers

Referer
https://checkout.square.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
300
age
84666
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html
date
Sun, 26 Jun 2022 21:14:42 GMT
etag
W/"18ffb3f47e944522c39b9fb6d280e247"
last-modified
Tue, 14 Jun 2022 18:53:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a5e3b467ea385e6efe6a1a3ce283b4c0.cloudfront.net (CloudFront)
x-amz-cf-id
2SuExLCXeWVX2ztrLTdfZwNa52XmNryl9MZFQz-43gPRbQ0uG423zw==
x-amz-cf-pop
EWR53-C3
x-amz-meta-websdk-version
1.33.3
x-amz-version-id
6_mVs5_iC7kpz4pLChhV0j.LjcJxmzvy
x-cache
Hit from cloudfront
token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 6122
262 B
324 B
Fetch
General
Full URL
https://pci-connect.squareup.com/digital-wallets/google-pay/token
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.33.3/main-iframe.html?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
9a2c098b42e41f31587f234566513431b0739c60b42f732bb21bf96ed0910425
Security Headers
Strict-Transport-Security
max-age=631152000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-09-18
x-speleo-traceid
NMjBHbjSaaJJC
vary
Origin, Accept-Encoding
content-length
247
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame
0
0
Preflight
General
Full URL
https://pci-connect.squareup.com/digital-wallets/google-pay/token
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Strict-Transport-Security
max-age=631152000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://web.squarecdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
content-length
0
date
Mon, 27 Jun 2022 13:41:29 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
card-wrapper.css
web.squarecdn.com/1.33.3/
5 KB
2 KB
Stylesheet
General
Full URL
https://web.squarecdn.com/1.33.3/card-wrapper.css
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9000:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9ace2e96f86beeb1e0f01cbb911ff6ab0e2e282ece104cb601972b64719f417

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
bOVhoGqfvNGLTD6BEpB2u4YlpD32Nztt
content-encoding
gzip
etag
W/"1aad22159c8d756fe31f90a790c042e3"
age
32951
x-cache
Hit from cloudfront
access-control-max-age
300
x-amz-meta-websdk-version
1.33.3
access-control-allow-origin
*
last-modified
Tue, 14 Jun 2022 18:53:45 GMT
server
AmazonS3
date
Mon, 27 Jun 2022 11:26:50 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 a5e3b467ea385e6efe6a1a3ce283b4c0.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
al2gFWZc1EUrTS07BBi-Llo0yyc25MMi8qccrDKFpW0m9eUaLtB6sw==
sqmarket-regular.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/
28 KB
29 KB
Font
General
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-regular.woff2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.33.3/card-wrapper.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-76.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7

Request headers

Referer
https://web.squarecdn.com/
Origin
https://checkout.square.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 26 Jun 2022 22:16:01 GMT
Via
1.1 556ef92964692e27cf8626ac501230e4.cloudfront.net (CloudFront)
Age
55529
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29044
Last-Modified
Mon, 24 Aug 2015 16:41:41 GMT
Server
AmazonS3
ETag
"84eba500a4ec29ccfadf1e9bff16b67f"
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
CcLixdUV9eg1iOIXvMg.HaT5aV.S.lWh
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-C2
Accept-Ranges
bytes
Content-Type
application/octet-stream
X-Amz-Cf-Id
iVVYo6_XisyimOF7gviZXV1FlXJDFl6hXwu-l3OlPK41V5CWP8EN8g==
SquareSansText-Regular.woff2
square-fonts-production-f.squarecdn.com/square-text/ Frame 4223
32 KB
32 KB
Font
General
Full URL
https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a356433813174165c501876a7dc7ae08bec80bf3dd9e6844edd35429c1c8e78

Request headers

Referer
https://web.squarecdn.com/
Origin
https://web.squarecdn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
via
1.1 varnish
age
136
x-cache
HIT
content-length
32752
x-amz-id-2
qjrsFPwYf3mPHUMyVLSHNjC6hO29FGdxNzx4xOyQe2GC2yS3TVvpiYiF+6f/lywsCz+n/w40W1U=
x-served-by
cache-ewr18182-EWR
last-modified
Tue, 07 Dec 2021 22:41:43 GMT
server
AmazonS3
x-timer
S1656337290.553871,VS0,VE0
etag
"a6099996336cf30cd8b47097d9fadf0b"
x-amz-request-id
8DCZDTHP4H65GS8N
access-control-allow-origin
*
accept-ranges
bytes
content-type
binary/octet-stream
x-cache-hits
3
frame.html
connect.squareup.com/payments/data/ Frame 5F2A
32 KB
12 KB
Document
General
Full URL
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fcheckout.square.site%2Fmerchant%2FFDJSZFKGKWK8A%2Fcheckout%2FV52Z3O2MP7ETBVZIUDRKWAHK%3Fsrc%3Dsqmktg
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.68 San Francisco, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
d7499a69f3543ec4234cfca87911d9f4e566616fc9e1753e3b6bb003d3601b77
Security Headers
Content-Security-Policy
default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
Strict-Transport-Security
max-age=631152000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Xss-Protection
1; mode=block

Request headers

Referer
https://checkout.square.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
content-type
text/html
date
Mon, 27 Jun 2022 13:41:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
/
nd.squarecdn.com/2.2/w/w-952168/sync/js/
303 KB
56 KB
Script
General
Full URL
https://nd.squarecdn.com/2.2/w/w-952168/sync/js/
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.31.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab3378e3025098c17.awsglobalaccelerator.com
Software
nginx /
Resource Hash
937dfb353a13c839ecbc96711f960dad9ce146c5baf485361e5e81f439a3b3c1
Security Headers
Strict-Transport-Security
max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff, nosniff, nosniff
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
X-Xss-Protection
1; mode=block, 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nds-datacontractrequirement1
Placement, No matching URL placement for w-952168 at https://checkout.square.site/.
date
Mon, 27 Jun 2022 13:41:29 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff
x-nds-datacontractrequirement2
Placement, Placement page number has not been detected.
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-nds-datacontractrequirement0
Placement, Placement page has not been detected.
strict-transport-security
max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
payframe
pay.google.com/gp/p/ui/ Frame 9618
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcheckout.square.site&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06d28a30a52a4cf00a8960b01ae15fe88eae30d42af0e04dc23180b6d981b973
Security Headers
Content-Security-Policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-udUvu20DxuV36ZMBfvKHrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-udUvu20DxuV36ZMBfvKHrw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Xss-Protection
0

Request headers

Referer
https://checkout.square.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-udUvu20DxuV36ZMBfvKHrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-udUvu20DxuV36ZMBfvKHrw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy
same-site
date
Mon, 27 Jun 2022 13:41:29 GMT
expires
Mon, 27 Jun 2022 13:41:29 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:500
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66e9a5ea6550da6a32e867444482e4a842ec3070e3cf05688d0e5998b2d2ff54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:38:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 27 Jun 2022 13:41:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Jun 2022 13:41:29 GMT
generate_gpay_btn_img
pay.google.com/gp/p/ Frame 9560
18 KB
8 KB
Document
General
Full URL
https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8465be4aea57dd1d35c01414395d3c92d5d649024f870d86f55453d7be01c525
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mv9zYCopqeyO6IzXzWHcdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'nonce-mv9zYCopqeyO6IzXzWHcdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://checkout.square.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mv9zYCopqeyO6IzXzWHcdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'nonce-mv9zYCopqeyO6IzXzWHcdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayButtonUi"
cross-origin-resource-policy
same-site
date
Mon, 27 Jun 2022 13:41:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"InstantbuyFrontendBuyflowPayButtonUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayButtonUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/
149 B
689 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 01:03:37 GMT
x-content-type-options
nosniff
age
131872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 26 Jun 2023 01:03:37 GMT
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/ Frame 9560
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff

Request headers

Referer
https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1609
content-type
text/html; charset=UTF-8
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/am=DQAC/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/... Frame 9560
155 KB
55 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/am=DQAC/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfricSLQUzBsoOsSk-DT8BdLbH1kVCw/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=static
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a189313d63d74fe09a59b2732ae7e579436f2a482fcc9a2c39a15e0bc9c82bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 06:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55855
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 04:31:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Jun 2023 06:32:36 GMT
/
nd.squarecdn.com/2.2/w/w-952168/init/js/
529 B
1 KB
Script
General
Full URL
https://nd.squarecdn.com/2.2/w/w-952168/init/js/?q=%7B%22e%22%3A326302%2C%22oq%22%3A%221600%3A1200%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-153472%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Fpurpxbhg.fdhner.fvgr%2Fzrepunag%2FSQWFMSXTXJX8N%2Fpurpxbhg%2FI52M3B2ZC7RGOIMVHQEXJNUX%3Ffep%3Dfdzxgt%22%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C0%7Cra-HF%7Coc1-q400qo6n8n86q525%7Csnyfr%7C%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F103.0.5060.53%20Fnsnev%2F537.36%7Cjt1-n46p01n68sp5740r%22%7D
Requested by
Host: nd.squarecdn.com
URL: https://nd.squarecdn.com/2.2/w/w-952168/sync/js/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.31.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab3378e3025098c17.awsglobalaccelerator.com
Software
nginx /
Resource Hash
8393c241abde3129f3219379d67bd42c78a4df75fd137dc19b1f2a90bec9aa73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://checkout.square.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
x-content-type-options
nosniff, nosniff
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains;
content-length
529
x-xss-protection
1; mode=block
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 9618
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcheckout.square.site&mid=
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
squareup.com/1.0/as-reporter/csp/ Frame 5F2A
0
621 B
Other
General
Full URL
https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
Requested by
Host: checkout.square.site
URL: https://checkout.square.site/merchant/FDJSZFKGKWK8A/checkout/V52Z3O2MP7ETBVZIUDRKWAHK?src=sqmktg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.squareup.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

strict-transport-security
max-age=631152000; includeSubDomains; preload
via
1.1 varnish
x-content-type-options
nosniff
frame-options
DENY
x-cache
MISS
x-xss-protection
1; mode=block
x-served-by
cache-ewr18153-EWR
x-timer
S1656337290.933292,VS0,VE76
x-frame-options
DENY
date
Mon, 27 Jun 2022 13:41:30 GMT
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://connect.squareup.com
access-control-expose-headers
X-Tracon-Host, X-Trogdor-Host
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-CSRF-Token, Authorization, Accept-Encoding, Cache-Control, Origin, X-Trogdor-Csrf-Token, X-Request-Deadline, X-Allow-Cookies, X-Block-Cookies
x-cache-hits
0
v2
pci-connect.squareup.com/payments/mtx/
0
61 B
Ping
General
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.square.site/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 27 Jun 2022 13:41:29 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://checkout.square.site
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn... Frame 9618
151 KB
53 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcheckout.square.site&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1093608ce254810bffa4e3d2c609e8556428fa02440bb9dc0f571bcf64f81fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 08:52:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54090
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 04:31:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Jun 2023 08:52:03 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame 9560
39 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.wxJmnFUiTYs.L.B1.O/am=DQAC/d=1/exm=_b,_tp/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrji7YggL1mSrli2TKzlAmIs845WwQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/am=DQAC/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfricSLQUzBsoOsSk-DT8BdLbH1kVCw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3812be51771feb1c91ac2464cde26d0641f3c06da9668995ddff22b69afffbab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 16:40:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15632
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 01:25:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 16:40:04 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame 9560
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.wxJmnFUiTYs.L.B1.O/am=DQAC/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrji7YggL1mSrli2TKzlAmIs845WwQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/am=DQAC/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfricSLQUzBsoOsSk-DT8BdLbH1kVCw/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d60c9327d27af4b7ef084ff32fba2161443f85258cf07d5f432c26504913414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:37:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13911
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 01:25:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Jun 2023 23:37:49 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6W... Frame 9618
78 KB
28 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cccffb735d4d60bde339514eecf6bb0a28ba612bda188efa6a4138de9f6541d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 08:39:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29059
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 01:25:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Jun 2023 08:39:44 GMT
token
connect.squareup.com/v2/analytics/ Frame 5F2A
108 B
502 B
XHR
General
Full URL
https://connect.squareup.com/v2/analytics/token
Requested by
Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fcheckout.square.site%2Fmerchant%2FFDJSZFKGKWK8A%2Fcheckout%2FV52Z3O2MP7ETBVZIUDRKWAHK%3Fsrc%3Dsqmktg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.68 San Francisco, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
af4bfc0b6f06183151bbde2b1bfc0a680e998f4c92c7e9fbc833c9cb2cd75657
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fcheckout.square.site%2Fmerchant%2FFDJSZFKGKWK8A%2Fcheckout%2FV52Z3O2MP7ETBVZIUDRKWAHK%3Fsrc%3Dsqmktg
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-09-18
x-speleo-traceid
BKPegWVfeTSPa
vary
Origin, Accept-Encoding
content-length
124
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://connect.squareup.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies
log
play.google.com/ Frame 9560
131 B
519 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.p5Hz_paAEQ8.es5.O/am=DQAC/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfricSLQUzBsoOsSk-DT8BdLbH1kVCw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
analytics.js
www.google-analytics.com/ Frame 9618
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2703
date
Mon, 27 Jun 2022 12:56:27 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 27 Jun 2022 14:56:27 GMT
pay
pay.google.com/gp/p/ui/ Frame 9618
1 MB
348 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a55bccccaff9c4e0f940329e6453cd8aa7113905b58dfef91e3a4dcca2019fb0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-Oh-nTxBLEQ5ix-8HY5SPgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-Oh-nTxBLEQ5ix-8HY5SPgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
date
Mon, 27 Jun 2022 13:41:30 GMT
x-frame-options
DENY
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-Oh-nTxBLEQ5ix-8HY5SPgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-Oh-nTxBLEQ5ix-8HY5SPgw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Mon, 27 Jun 2022 13:41:30 GMT
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 27 Jun 2022 13:41:30 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6W... Frame 9618
17 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4a4527958dc5d1b07ffc3821ca3357b6ab42fc78976b8bb88fe6b961a1a003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 06:08:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7231
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 01:25:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Jun 2023 06:08:19 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6W... Frame 9618
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.A6WTCXOsUL0.L.B1.O/am=BwAB/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjPPrSJhe0tPZgKjBLL_cmO5uTR8Q/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72474285eda37d58cff00697d47a38191d7114a3eb2efdaad2677b813a46d96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 23:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14168
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 01:25:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Jun 2023 23:52:35 GMT
log
play.google.com/ Frame 9618
131 B
152 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.owB_Gqq1j1o.es5.O/am=BwAB/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhjn2V4Wp5tthjEoeSt87us91qxgA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
v2
pci-connect.squareup.com/payments/mtx/ Frame 6122
0
45 B
Ping
General
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.33.3/main-iframe.html?applicationId=sq0idp-w46nJ_NCNDMSOywaCY0mwA&hostname=checkout.square.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.squarecdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 27 Jun 2022 13:41:30 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block


141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


10 Cookies

Domain/Path Name / Value
checkout.square.site/ Name: pay_link_user_site
Value: 135889556%3A695474957102034437
checkout.square.site/ Name: experiment_user_token
Value: ed59bb9c-1fb8-4cef-9065-593faa274b38
.checkout.square.site/ Name: _sp_ses.7acb
Value: *
checkout.square.site/ Name: merchant:FDJSZFKGKWK8A:order:koMXWtkgoRGoXijlGPRwnzMxvqWZY:locale
Value: en-US
checkout.square.site/ Name: square-sync-csrf
Value: eyJpdiI6IlVoK0RlYVwvVGZGc0hDZGZVc29qYzNBPT0iLCJ2YWx1ZSI6IkZnak5kS2FaZmJmaU9YelVneWl5SkdSa2RBUVwvWFwvMTlQT1BcL09nQVpQOTZpajF6bURzQUhlM0JqaWF3aG9vQUR1QWRoNFNrcGlRclNKQXZJQkN3emxRY3V5Q0RBRmRWM21HNVdydjNFdUFcLzlwVmNEN1VKZjg3WWxPcnhqZWNKTSIsIm1hYyI6IjVmZDViZjI2YjhmZjcyMmI2ODc3NTk0N2I3MWIyMjE5YWE2MzVhOTdhNjQ1MWRiMTUzMGY5MzVhN2JjMWUxYmEifQ%3D%3D
checkout.square.site/ Name: square-sync_session
Value: eyJpdiI6IldSQzJlZ2VBQXRhcldrbE15c0d4VVE9PSIsInZhbHVlIjoiSExEcFwvcko5dHQ3cUQ0a2dHekh1TVBmd0cxTXlQdGdPUUU2UWc5RG9wbjQ4RTJCZGRIQVBWZzluckk5cUkxalJOaU8wNWU5aHF2UitvXC9kdFc2Z2ErdXBFWWtabGlIVHFzTUVTR2dQXC82Y3JFVkp2bDQyYVJIeHFyWEorV0toMHgiLCJtYWMiOiI5ZTUxZjc3OWE4NGZhN2Y3MWY3MmM0YjNkMDIyYjJlNzM0MjE2NWVhNTJjMTMyZDMxNjM1MWU4NTFlYzlhNWZjIn0%3D
.checkout.square.site/ Name: _sp_id.7acb
Value: 7dab5deb-7d9b-424b-9404-cc79bd98ea2d.1656337287.1.1656337289.1656337287.c16b481a-3617-4548-a64f-5c72572cbdeb
.squareup.com/ Name: _savt
Value: 9e684b6c-8595-4b92-a4f2-1b03f444c349
ec.editmysite.com/ Name: sp
Value: 304fd737-c8fa-4b76-81dc-89edd6d6a9a7
.google.com/ Name: NID
Value: 511=Gt_mq6TXUpQiGGlO8RKlZNw4NmvQy8fA5ogQSMGXbfVGA51qYQLbKeWGuBuRRJ4aP8cG4eTWszsl16VoYw6pIX9-T-Lcadhi1a859ZR9wRdMmvs9gHDW0i5UWSyqEeFv1t9YftWWSwvnYHE7Ic2eqmFiApTIahcNn65yP_ay7QM

4 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
