urlscan.io logo urlscan.io
SecurityTrails logo

pay.sumup.com Open in urlscan Pro
104.18.34.207  Public Scan

Go To Rescan Add Verdict Report
URL: https://pay.sumup.com/b2c/X6VS1STL24
Submission: On April 29 via manual from CH — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 52 HTTP transactions. The main IP is 104.18.34.207, located in and belongs to CLOUDFLARENET, US. The main domain is pay.sumup.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 22nd 2023. Valid for: a year.
This is the only time pay.sumup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 104.18.34.207 13335 (CLOUDFLAR...)
1 142.250.184.200 15169 (GOOGLE)
18 52.212.152.59 16509 (AMAZON-02)
3 76.76.21.61 16509 (AMAZON-02)
1 104.16.79.73 13335 (CLOUDFLAR...)
1 216.239.32.36 15169 (GOOGLE)
2 76.76.21.123 16509 (AMAZON-02)
7 172.64.153.49 13335 (CLOUDFLAR...)
2 54.246.122.175 16509 (AMAZON-02)
1 2.22.204.181 16625 (AKAMAI-AS)
2 74.125.133.92 15169 (GOOGLE)
1 142.250.184.234 ()
2 142.250.186.67 ()
52 14
10    104.18.34.207 (None, )

ASN13335 (CLOUDFLARENET, US)
pay.sumup.com
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
18    52.212.152.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
gateway.sumup.com
3    76.76.21.61 (Walnut, United States)

ASN16509 (AMAZON-02, US)
static.sumup.com
1    104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    76.76.21.123 (Walnut, United States)

ASN16509 (AMAZON-02, US)
js.sumup.com
7    172.64.153.49 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
api.sumup.com
2    54.246.122.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-122-175.eu-west-1.compute.amazonaws.com
pythia-json.live.external.monitoring.sumup.net
1    2.22.204.181 (Isando, South Africa)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-204-181.deploy.static.akamaitechnologies.com
cdn.optimizely.com
2    74.125.133.92 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f92.1e100.net
pay.google.com
1    142.250.184.234 (None, )

ASN- ()
fonts.googleapis.com
2    142.250.186.67 (None, )

ASN- ()
www.gstatic.com
Apex Domain
Subdomains		 Transfer
40 sumup.com
pay.sumup.com
gateway.sumup.com — Cisco Umbrella Rank: 909516
static.sumup.com — Cisco Umbrella Rank: 324400
js.sumup.com
api.sumup.com — Cisco Umbrella Rank: 296948
381 KB
2 gstatic.com
www.gstatic.com
fonts.gstatic.com Failed
2 KB
2 google.com
pay.google.com — Cisco Umbrella Rank: 2903
38 KB
2 sumup.net
pythia-json.live.external.monitoring.sumup.net — Cisco Umbrella Rank: 599608
251 B
1 googleapis.com
fonts.googleapis.com
2 KB
1 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 902
8 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
244 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
87 KB
52 9
Domain Requested by
18 gateway.sumup.com pay.sumup.com
gateway.sumup.com
10 pay.sumup.com 1 redirects pay.sumup.com
7 api.sumup.com pay.sumup.com
3 static.sumup.com pay.sumup.com
2 www.gstatic.com
2 pay.google.com gateway.sumup.com
pay.google.com
2 pythia-json.live.external.monitoring.sumup.net gateway.sumup.com
2 js.sumup.com pay.sumup.com
1 fonts.googleapis.com client
1 cdn.optimizely.com pay.sumup.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com pay.sumup.com
1 www.googletagmanager.com pay.sumup.com
0 fonts.gstatic.com Failed fonts.googleapis.com
52 14

This site contains links to these domains. Also see Links.

Domain
www.sumup.io
sumup.co.uk
support.apple.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-22 -
2024-08-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
sumup.com
Amazon RSA 2048 M03		 2024-01-23 -
2025-02-20		 a year crt.sh
static.sumup.com
R3		 2024-03-16 -
2024-06-14		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
js.sumup.com
R3		 2024-04-07 -
2024-07-06		 3 months crt.sh
api.sumup.com
E1		 2024-04-24 -
2024-07-23		 3 months crt.sh
*.live.external.monitoring.sumup.net
Amazon RSA 2048 M02		 2024-04-10 -
2025-05-10		 a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://pay.sumup.com/b2c/X6VS1STL24
Frame ID: D608D51E7C20095CFD9535737FBEF3A6
Requests: 27 HTTP requests in this frame

Frame: https://pay.sumup.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 13C32EA89ECD52B94BD4AC0B2A0E575A
Requests: 2 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/aux.html
Frame ID: 029B104BD9C4BF7E116189BF844C5502
Requests: 3 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/form.html
Frame ID: 22F24DB993F08B6F3FC3811FABB3FA1F
Requests: 2 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=on-load-indicator&maxLength=
Frame ID: D80F46CAADF3E855D22D7EEECF4EC027
Requests: 2 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.cardholder&maxLength=
Frame ID: DD233156D2C9420AC5B8270AC8E7FD9E
Requests: 2 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.number&maxLength=
Frame ID: A7E6BFB7834ADB465145E8369FA86029
Requests: 2 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.expiryDate&maxLength=
Frame ID: EC9FB7988670641037A7C85E7CB54E75
Requests: 2 HTTP requests in this frame

Frame: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.securityCode&maxLength=3
Frame ID: 304FCD6E3DBE3B3E8ADC25192E10551D
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.sumup.com&mid=
Frame ID: 0A82605F671AD41131DF45CEF06055AB
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&hl=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22MASTERCARD%22%2C%22VISA%22%5D%7D%2C%22tokenizationSpecification%22%3A%7B%22type%22%3A%22PAYMENT_GATEWAY%22%2C%22parameters%22%3A%7B%22gateway%22%3A%22sumup%22%2C%22gatewayMerchantId%22%3A%22MEDFGF4P%22%7D%7D%7D%5D&gpayButtonVariantType=1&gpayButtonType=buy
Frame ID: 3EFE48026EF6A47691388024E21C6428
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Please pay €35 to 3 Sensi

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

52
Requests

94 %
HTTPS

0 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

526 kB
Transfer

1774 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://pay.sumup.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://pay.sumup.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request X6VS1STL24
pay.sumup.com/b2c/ 		344 KB
90 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7db6fdf76f2db50c5cb89edab528971b31f86554a6dfbdbe8a66ba3ec3a70ca

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
87bf417479f724c2-ZRH
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:07 GMT
server
cloudflare
vary
Accept-Encoding
x-fong-id
aa21e19b-b443-4d45-914f-307c1d4c1490
js
www.googletagmanager.com/gtag/ 		246 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M0PYD7B0BH
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2ed3e81452282302dc8c902dcb00cdf8b7272d3e1617fe20b990117e919ff7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88811
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Apr 2024 12:22:09 GMT
sdk.js
gateway.sumup.com/gateway/ecom/card/v2/ 		302 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9f0031b778f84b807811b2f7b7f23df87329907535bb5f2fe37fcd7b0cd37b3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:09 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-4b83d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
bg-incentives2_3.svg
pay.sumup.com/static/assets/ 		166 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.sumup.com/static/assets/bg-incentives2_3.svg
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e5476e8bae40502732e5861dbe1bfd21c168a55a2477c724f17fa65e8275e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 25 Apr 2024 07:59:21 GMT
server
cloudflare
age
128
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
87bf4185c8c224c2-ZRH
x-fong-id
4c76b986-25bb-495d-8775-3f4996585e30
expires
Mon, 29 Apr 2024 16:22:09 GMT
aktiv-grotest-400.woff2
static.sumup.com/fonts/latin-greek-cyrillic/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.sumup.com/fonts/latin-greek-cyrillic/aktiv-grotest-400.woff2
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d113ff86028bee5f78ca0c950f53d7159289fd7439abd59316abd2422ac2c567
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/
Origin
https://pay.sumup.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:09 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
age
1765562
x-dns-prefetch-control
on
content-disposition
inline; filename="aktiv-grotest-400.woff2"
content-length
73000
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Vercel
x-vercel-id
fra1::whxj5-1714393329805-ef34c405bb7e
etag
"aba3578609093365ea38d7a3355c7409"
x-vercel-cache
HIT
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, s-maxage=60, stale-while-revalidate=86400
accept-ranges
bytes
access-control-allow-headers
Authorization
aktiv-grotest-700.woff2
static.sumup.com/fonts/latin-greek-cyrillic/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.sumup.com/fonts/latin-greek-cyrillic/aktiv-grotest-700.woff2
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e451877da2530b878787df451468521a062720dd71f337838252e7723842a8d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/
Origin
https://pay.sumup.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:09 GMT
strict-transport-security
max-age=63072000
x-content-type-options
nosniff
age
1764919
x-dns-prefetch-control
on
content-disposition
inline; filename="aktiv-grotest-700.woff2"
content-length
71928
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Vercel
x-vercel-id
fra1::shn9m-1714393329805-5f7f2fb54be7
etag
"98d09f7aed2696f695a9610eb0dd5943"
x-vercel-cache
HIT
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, s-maxage=60, stale-while-revalidate=86400
accept-ranges
bytes
access-control-allow-headers
Authorization
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Origin
https://pay.sumup.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87bf4188ff374c69-MXP
collect
region1.google-analytics.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M0PYD7B0BH&gtm=45je44o0v9130644997za200&_p=1714393328118&gcd=13l3l3l3l1&npa=0&dma=0&cid=2056976763.1714393330&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714393330&sct=1&seg=0&dl=https%3A%2F%2Fpay.sumup.com%2Fb2c%2FX6VS1STL24%3Fpromo%3DSCONTO10&dt=Please%20pay%20%E2%82%AC35%20to%203%20Sensi&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4010
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M0PYD7B0BH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 29 Apr 2024 12:22:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.sumup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
pay.sumup.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 13C3
Redirect Chain
  • https://pay.sumup.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://pay.sumup.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H2
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b585a3be686d433dc2abd97b89b0679c753e172f63263faaf56e9c43e6de7484
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87bf418dafd924c2-ZRH

Redirect headers

date
Mon, 29 Apr 2024 12:22:10 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
87bf418cde8024c2-ZRH
content-length
0
/
pay.sumup.com/api/v1/metrics/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/api/v1/metrics/
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
87bf418d2f1424c2-ZRH
content-length
0
vary
Accept-Encoding
x-fong-id
77de9b83-f15a-472d-9044-39f5d7a40de1
aux.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame 029B 		516 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/aux.html
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f369a63d956f36802669cc149a87416cbaebf46a28164d1246a2b29cf1773561

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:10 GMT
etag
W/"662a446c-204"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
rum
pay.sumup.com/cdn-cgi/ 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/cdn-cgi/rum?
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://pay.sumup.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87bf418d7f8624c2-ZRH
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame 029B 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/aux.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/aux.html
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
87bf417479f724c2
pay.sumup.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 13C3 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/cdn-cgi/challenge-platform/h/b/jsd/r/87bf417479f724c2
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 12:22:11 GMT
server
cloudflare
cf-ray
87bf418efa1224c2-ZRH
content-length
0
content-type
text/plain; charset=UTF-8
favicon.svg
pay.sumup.com/ 		505 B
484 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a21d104471daaabea39cd5809933394460ec0965902d49218402fe42c2df56f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 25 Apr 2024 07:59:21 GMT
server
cloudflare
age
3603
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
87bf418f1a5524c2-ZRH
x-fong-id
f6d6126a-3cdd-4ef4-b23d-bd9c7d5a4f7e
expires
Mon, 29 Apr 2024 16:22:11 GMT
en-GB.json
gateway.sumup.com/gateway/ecom/card/v2/locales/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/locales/en-GB.json
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
15004894969d87a56503153be9449b3f6523bc9cc85611fb6127a6c15e051e59

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
X-Requested-With
XMLHttpRequest
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:11 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-22d5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
en-GB.json
gateway.sumup.com/gateway/ecom/card/v2/locales/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/locales/en-GB.json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://pay.sumup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
date
Mon, 29 Apr 2024 12:22:11 GMT
server
nginx
favicon.png
pay.sumup.com/ 		487 B
594 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18772fb44dcb1eee273035758fc1edaa352f2217ab8c1e52635e3132bf7a4cbd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:11 GMT
cf-cache-status
HIT
last-modified
Thu, 25 Apr 2024 07:59:21 GMT
server
cloudflare
age
3999
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
87bf418fdbb824c2-ZRH
x-fong-id
6ee6e409-8440-4c9f-8342-c07ab15b7c27
content-length
487
expires
Mon, 29 Apr 2024 16:22:11 GMT
3483bdf4-6e13-4981-b58f-4e2b03cfbd0a
js.sumup.com/api/checkouts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.sumup.com/api/checkouts/3483bdf4-6e13-4981-b58f-4e2b03cfbd0a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumup-widget-session-id
Access-Control-Request-Method
GET
Origin
https://pay.sumup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-length
0
date
Mon, 29 Apr 2024 12:22:12 GMT
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
MISS
x-vercel-id
fra1:fra1:fra1::dub1::sfdjs-1714393332046-0847c372edeb
3483bdf4-6e13-4981-b58f-4e2b03cfbd0a
js.sumup.com/api/checkouts/ 		345 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.sumup.com/api/checkouts/3483bdf4-6e13-4981-b58f-4e2b03cfbd0a
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a974386ad207415ac2b28838071a76f9951e337be91cff1e2fc6a1509d1f1cca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-SumUp-Widget-Session-Id
ZkUiEX51FDkJ4oh-fQrsC
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:12 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1:fra1::dub1::5zkd9-1714393332190-a084b0ec944c
age
0
etag
W/"159-2YTsfbT8iZL350leSaDut002sQA"
x-vercel-cache
MISS
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
345
analytics
api.sumup.com/v0.1/internal/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.1/internal/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sumup-widget-session-id
Access-Control-Request-Method
POST
Origin
https://pay.sumup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://pay.sumup.com
access-control-max-age
300
cf-cache-status
DYNAMIC
cf-ray
87bf4199ba9601f8-ZRH
date
Mon, 29 Apr 2024 12:22:12 GMT
server
cloudflare
x-request-id
3a61dec4-e36a-95ac-bb94-ba4b3ba51d4f
analytics
api.sumup.com/v0.1/internal/ 		378 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.1/internal/analytics
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2929b3947a200ca221a3390b7bac67087ef330a07eda774a161145668b9604f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
X-SumUp-Widget-Session-Id
ZkUiEX51FDkJ4oh-fQrsC
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-amzn-requestid
43188c88-531a-5055-9884-d221c02e2073
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
text/xml
access-control-allow-origin
*
x-envoy-upstream-service-time
18
cf-ray
87bf419a9bcb01f8-ZRH
content-length
378
apigw-requestid
W_OWUiorDoEEMBg=
x-request-id
80d121d8-d1b4-9ce1-b5e0-bb89845531f8
form.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame 22F2 		546 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/form.html
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da6247de4fa246cd726e39debe2c883dffccb52dd404d321f6c81445d6c45d2d

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:12 GMT
etag
W/"662a446c-222"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
field.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame D80F 		2 KB
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=on-load-indicator&maxLength=
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f85d36315e04cc6c8c24fb7826166694a64c9182e7606ebf159f1586cac1d0b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:12 GMT
etag
W/"662a446c-89c"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
analytics
api.sumup.com/v0.1/internal/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.1/internal/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sumup-widget-session-id
Access-Control-Request-Method
POST
Origin
https://pay.sumup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://pay.sumup.com
access-control-max-age
300
cf-cache-status
DYNAMIC
cf-ray
87bf4199ba9901f8-ZRH
date
Mon, 29 Apr 2024 12:22:12 GMT
server
cloudflare
x-request-id
7c4e3bd6-04aa-9829-b798-9267ed20ae4c
optimizely.chunk.js
gateway.sumup.com/gateway/ecom/card/v2/ 		104 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/optimizely.chunk.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
eda66038b90532556ed16ae42fd3f15cac459eafd14c3f98add974544fa7599f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:12 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-1a00c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
analytics
api.sumup.com/v0.1/internal/ 		378 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.1/internal/analytics
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6afb08950066f04b164c3e570b7991a826ceb221c5c53c316721d4d1cb07eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
X-SumUp-Widget-Session-Id
ZkUiEX51FDkJ4oh-fQrsC
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-amzn-requestid
a0fcd5cb-187d-543d-ba24-8b628b49c11f
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
text/xml
access-control-allow-origin
*
x-envoy-upstream-service-time
30
cf-ray
87bf419adc3101f8-ZRH
content-length
378
apigw-requestid
W_OWUiUvDoEEM5w=
x-request-id
7a6ecff3-8717-938b-b50e-28f3ce1648f1
payment-methods
api.sumup.com/v0.2/checkouts/3483bdf4-6e13-4981-b58f-4e2b03cfbd0a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.2/checkouts/3483bdf4-6e13-4981-b58f-4e2b03cfbd0a/payment-methods
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumup-widget-session-id
Access-Control-Request-Method
GET
Origin
https://pay.sumup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://pay.sumup.com
access-control-max-age
300
cf-cache-status
DYNAMIC
cf-ray
87bf4199ba9701f8-ZRH
date
Mon, 29 Apr 2024 12:22:12 GMT
server
cloudflare
x-request-id
558e5050-410d-9166-9c45-78a7b8510074
payment-methods
api.sumup.com/v0.2/checkouts/3483bdf4-6e13-4981-b58f-4e2b03cfbd0a/ 		115 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.2/checkouts/3483bdf4-6e13-4981-b58f-4e2b03cfbd0a/payment-methods
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
950be7c07cab2f743064ad7491fbf24e30f9537323b3346e71dfcdbba5aa1456

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
X-SumUp-Widget-Session-Id
ZkUiEX51FDkJ4oh-fQrsC
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
56
x-op-gateway
true
cf-ray
87bf419a9bc901f8-ZRH
x-fong-id
e797ee97-8fcf-44d3-886a-519d136f6b20
apigw-requestid
W_OWUiKPDoEEP3g=
x-request-id
46e549f7-c518-9ada-ad1b-d9b2ad4219b6
event
pythia-json.live.external.monitoring.sumup.net/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pythia-json.live.external.monitoring.sumup.net/api/v1/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.122.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-122-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
grpc-metadata-x-sumup-pythia-token
Access-Control-Request-Method
POST
Origin
https://gateway.sumup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Grpc-Metadata-X-Sumup-Pythia-Token
access-control-allow-methods
POST
access-control-allow-origin
https://gateway.sumup.com
content-length
0
date
Mon, 29 Apr 2024 12:22:12 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
pythia-json.live.external.monitoring.sumup.net/api/v1/ Frame 029B 		2 B
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pythia-json.live.external.monitoring.sumup.net/api/v1/event
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.122.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-122-175.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://gateway.sumup.com/
grpc-metadata-x-sumup-pythia-token
6C5CB6DE-F4FE-40D5-B8E9-C364190EEE32
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:13 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://gateway.sumup.com
access-control-expose-headers
Grpc-Metadata-Authorization, Grpc-Metadata-X-Sumup-Pythia-Token
access-control-allow-credentials
true
grpc-metadata-content-type
application/grpc
content-length
2
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame 22F2 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/form.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/form.html
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame D80F 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=on-load-indicator&maxLength=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=on-load-indicator&maxLength=
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
/
pay.sumup.com/api/v1/metrics/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.sumup.com/api/v1/metrics/
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 29 Apr 2024 12:22:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
87bf4199ad6824c2-ZRH
content-length
0
vary
Accept-Encoding
x-fong-id
d2172853-0e97-4b2f-9e29-bd1663042d9f
WDtPWcxVDexfy2GDVpWgK.json
cdn.optimizely.com/datafiles/ 		55 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/datafiles/WDtPWcxVDexfy2GDVpWgK.json
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.22.204.181 Isando, South Africa, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-22-204-181.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d036032929bd2bcb932d71674683a8871d09530402c4c588ba2f29d0bd399572
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
VkZTzwwb9xAtpgLfvSsrmiUzlhKWBkL.
content-encoding
gzip
date
Mon, 29 Apr 2024 12:22:14 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
BNN75PGBW1ANHTY1
x-amz-server-side-encryption
AES256
x-amz-meta-revision
2407
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=173, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="259";dur=0,cdnip;desc="2.22.204.181";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1714393333519_34710588_1829980218_17314_1842_259_335_219";dur=1
content-length
7851
x-amz-id-2
/iDg4cIW4zuauU0h7EqYuv5iLJN7nNX1pdYBgPsRzs3Dx9pfEKnAWdO9fXATUTQHSRVRncdGSog=
last-modified
Wed, 24 Apr 2024 10:21:43 GMT
server
AmazonS3
etag
"e5e1161a2256bd07270c9d449d9e9671"
vary
Accept-Encoding
access-control-max-age
604800
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD, OPTIONS
cache-control
max-age=118
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
analytics
api.sumup.com/v0.1/internal/ 		378 B
817 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.sumup.com/v0.1/internal/analytics
Requested by
Host: pay.sumup.com
URL: https://pay.sumup.com/b2c/X6VS1STL24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.49 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff52dbb337e6ce03e5dd5c42148cc9ad6f8b13eeee9ae2615df657414c51b069

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
X-SumUp-Widget-Session-Id
ZkUiEX51FDkJ4oh-fQrsC
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-amzn-requestid
0d015a9f-3ce8-59f3-ac5f-0436afdde4d4
access-control-max-age
300
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
text/xml
access-control-allow-origin
*
x-envoy-upstream-service-time
18
cf-ray
87bf419bcd6801f8-ZRH
content-length
378
apigw-requestid
W_OWWgW9DoEEMyg=
x-request-id
f6e7672e-0ba4-93bb-994d-5dc445ee8465
schemes.svg
static.sumup.com/online-payment/icons/cards/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.sumup.com/online-payment/icons/cards/schemes.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3c33fa9c18831be9d3260cc624b6737ee0a333a270fa70ce6496baf13fc65893
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
age
1815664
x-dns-prefetch-control
on
content-disposition
inline; filename="schemes.svg"
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Vercel
x-vercel-id
fra1::wjd8k-1714393333327-6525938e8433
etag
W/"b357af7aa33b16329f1a7aee05aec049"
x-vercel-cache
HIT
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, s-maxage=60, stale-while-revalidate=86400
access-control-allow-headers
Authorization
pay.js
pay.google.com/gp/p/js/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f92.1e100.net
Software
ESF /
Resource Hash
d56fbe0a29899bea40e589c82493cc6c9fcb284645198e1911f30042df3b3488
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-79MJkL_IeFR7QX_C3w4fPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:13 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-79MJkL_IeFR7QX_C3w4fPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjStHikmLw05BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UMybBN8-ZJL6-ZNIAYjGf6ayHo6ezOqXPYA0CYp_6GawxQNx68xzrVCA2jDzPmvTvPGsREAvxcHxduG8jm8CN622zmQGiHC4l"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 29 Apr 2024 12:22:13 GMT
field.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame DD23 		2 KB
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.cardholder&maxLength=
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f85d36315e04cc6c8c24fb7826166694a64c9182e7606ebf159f1586cac1d0b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:13 GMT
etag
W/"662a446c-89c"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
field.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame A7E6 		2 KB
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.number&maxLength=
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f85d36315e04cc6c8c24fb7826166694a64c9182e7606ebf159f1586cac1d0b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:13 GMT
etag
W/"662a446c-89c"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
field.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame EC9F 		2 KB
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.expiryDate&maxLength=
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f85d36315e04cc6c8c24fb7826166694a64c9182e7606ebf159f1586cac1d0b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:13 GMT
etag
W/"662a446c-89c"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
field.html
gateway.sumup.com/gateway/ecom/card/v2/ Frame 304F 		2 KB
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.securityCode&maxLength=3
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f85d36315e04cc6c8c24fb7826166694a64c9182e7606ebf159f1586cac1d0b

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 12:22:13 GMT
etag
W/"662a446c-89c"
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
vary
Accept-Encoding
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame DD23 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.cardholder&maxLength=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.cardholder&maxLength=
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame 304F 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.securityCode&maxLength=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.securityCode&maxLength=3
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame A7E6 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.number&maxLength=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.number&maxLength=
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
hosted.js
gateway.sumup.com/gateway/ecom/card/v2/ Frame EC9F 		56 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.sumup.com/gateway/ecom/card/v2/hosted.js
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.expiryDate&maxLength=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.152.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-152-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gateway.sumup.com/gateway/ecom/card/v2/field.html?name=cardDetails.expiryDate&maxLength=
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 12:22:10 GMT
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 11:54:20 GMT
server
nginx
etag
W/"662a446c-ded2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
payframe
pay.google.com/gp/p/ui/ Frame 0A82 		0
0
css
fonts.googleapis.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:500
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
728167d00f3297d884bd80e017c0cc374ae37f74d8a35dfd7577a6b81d41cc5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Apr 2024 12:22:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Apr 2024 10:53:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Apr 2024 12:22:14 GMT
generate_gpay_btn_img
pay.google.com/gp/p/ Frame 3EFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&hl=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22MASTERCARD%22%2C%22VISA%22%5D%7D%2C%22tokenizationSpecification%22%3A%7B%22type%22%3A%22PAYMENT_GATEWAY%22%2C%22parameters%22%3A%7B%22gateway%22%3A%22sumup%22%2C%22gatewayMerchantId%22%3A%22MEDFGF4P%22%7D%7D%7D%5D&gpayButtonVariantType=1&gpayButtonType=buy
Requested by
Host: gateway.sumup.com
URL: https://gateway.sumup.com/gateway/ecom/card/v2/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f92.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gGRfhwogc3Y08ruSIlxAbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-gGRfhwogc3Y08ruSIlxAbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Mon, 29 Apr 2024 12:22:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
Ayudt5SzRWp86yExqv4T3+PiWzcX+WBtprm+ux6vfIGn5Dg3JSrZL2Y5UkppRzYnVyYzu8hvj+Q4pdGSWsLVYgMAAABgeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1RoaXJkUGFydHkiOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/web-reports?context=eJzjStHikmLw05BiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UMybBN8-ZJL6-ZNIAYjGf6ayHo6ezOqXPYA0CYp_6GawxQNx68xzrVCA2jDzPmvTvPGsREAtxc3xfuG8jm8CB9cdEAHMgLZw"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 		149 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 19:55:26 GMT
x-content-type-options
nosniff
age
232008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 26 Apr 2025 19:55:26 GMT
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pay.sumup.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
content-encoding
br
x-content-type-options
nosniff
date
Fri, 26 Apr 2024 20:08:50 GMT
age
231204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
871
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
vary
Accept-Encoding
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Apr 2025 20:08:50 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2
fonts.gstatic.com/s/googlesans/v59/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pay.google.com
URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.sumup.com&mid=
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/googlesans/v59/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyk.woff2

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| Sentry object| __SENTRY__ function| gtag object| dataLayer object| EventHandler function| usePaymentButtonDataStore function| useChargeDataStore function| useEmailDataStore function| submitConsumerData function| updateAppStatus function| submitReceiptContact function| runApplication object| updatedAt function| setUpdateAtDate undefined| updateTimerInterval function| showUpdateAtDate function| updateTimer object| _metrics object| sumupCard function| mountWidget function| updateCharge object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunkecom_card_widget object| SumUpPayment object| SumUpCard object| __cfBeacon object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant object| allowlistedMerchantDomainsForBnplDynamicButton string| dynamicGpayButtonVariant object| google

5 Cookies

Domain/Path Name / Value
.sumup.com/ Name: __cf_bm
Value: Uh4u3nkkwkNPCXLuvb6MIlVjD4Veat7e9Pu5N5K.IfE-1714393327-1.0.1.1-8ToDhLD1n7dfFFiEaz62B8yPcoS_LVDDlSoATBDtCBZ87tmsE3ldp2U5K4YdpguimavG13.qXiZx.aBWZlnoALDV.aURmS_qerQcOgZO6dw
.sumup.com/ Name: _ga_M0PYD7B0BH
Value: GS1.1.1714393330.1.0.1714393330.0.0.0
.sumup.com/ Name: _ga
Value: GA1.1.2056976763.1714393330
.sumup.com/ Name: cf_clearance
Value: _v2JoDpVezzteNzFR_Pq6yz4tozEAM9bt2_RgJZL1nE-1714393331-1.0.1.1-ORkz6MONagg1UCVY3UrGb6ASz65Nwukiw9cnPOD6cyajLJEVZHXPn_pCcAwUvJ8D.y0hpRN_n4HFgHgV_tU.Cw
.google.com/ Name: NID
Value: 513=kCEHttLPfvyPnIOyTtBVYCB6TZVK1dh-KWIFCNEp4KdjJtEO-W-RGCo05jGgcmjq5_PIzUcIFA_o7IHoWXECLmt12MGSZES1bXQc-qexxQ9oMUV0fVwbxxkkF53aESna0QH0DUABMWvPDSUMeufksQIMOCL2sooP021q6BwHrTM

3 Console Messages

Source Level URL
Text
other warning URL: https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://pay.sumup.com/b2c/X6VS1STL24?promo=SCONTO10
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.sumup.com
cdn.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
gateway.sumup.com
js.sumup.com
pay.google.com
pay.sumup.com
pythia-json.live.external.monitoring.sumup.net
region1.google-analytics.com
static.cloudflareinsights.com
static.sumup.com
www.googletagmanager.com
www.gstatic.com
fonts.gstatic.com
pay.google.com
104.16.79.73
104.18.34.207
142.250.184.200
142.250.184.234
142.250.186.67
172.64.153.49
2.22.204.181
216.239.32.36
52.212.152.59
54.246.122.175
74.125.133.92
76.76.21.123
76.76.21.61
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
15004894969d87a56503153be9449b3f6523bc9cc85611fb6127a6c15e051e59
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
18772fb44dcb1eee273035758fc1edaa352f2217ab8c1e52635e3132bf7a4cbd
2929b3947a200ca221a3390b7bac67087ef330a07eda774a161145668b9604f0
2a21d104471daaabea39cd5809933394460ec0965902d49218402fe42c2df56f
2ed3e81452282302dc8c902dcb00cdf8b7272d3e1617fe20b990117e919ff7bf
3c33fa9c18831be9d3260cc624b6737ee0a333a270fa70ce6496baf13fc65893
3f85d36315e04cc6c8c24fb7826166694a64c9182e7606ebf159f1586cac1d0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
728167d00f3297d884bd80e017c0cc374ae37f74d8a35dfd7577a6b81d41cc5d
950be7c07cab2f743064ad7491fbf24e30f9537323b3346e71dfcdbba5aa1456
96642bcdd4ef32c4da47f82b2a3f7bfe33c120a2584f9d1c186f827cb3770b4d
9f0031b778f84b807811b2f7b7f23df87329907535bb5f2fe37fcd7b0cd37b3d
a974386ad207415ac2b28838071a76f9951e337be91cff1e2fc6a1509d1f1cca
b585a3be686d433dc2abd97b89b0679c753e172f63263faaf56e9c43e6de7484
c4e5476e8bae40502732e5861dbe1bfd21c168a55a2477c724f17fa65e8275e7
d036032929bd2bcb932d71674683a8871d09530402c4c588ba2f29d0bd399572
d113ff86028bee5f78ca0c950f53d7159289fd7439abd59316abd2422ac2c567
d56fbe0a29899bea40e589c82493cc6c9fcb284645198e1911f30042df3b3488
d7db6fdf76f2db50c5cb89edab528971b31f86554a6dfbdbe8a66ba3ec3a70ca
da6247de4fa246cd726e39debe2c883dffccb52dd404d321f6c81445d6c45d2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e451877da2530b878787df451468521a062720dd71f337838252e7723842a8d6
eda66038b90532556ed16ae42fd3f15cac459eafd14c3f98add974544fa7599f
ee6afb08950066f04b164c3e570b7991a826ceb221c5c53c316721d4d1cb07eb
f369a63d956f36802669cc149a87416cbaebf46a28164d1246a2b29cf1773561
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
ff52dbb337e6ce03e5dd5c42148cc9ad6f8b13eeee9ae2615df657414c51b069