cattlemenscongress.com Open in urlscan Pro
35.202.169.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cattlemenscongress.com/conference
Effective URL:
https://cattlemenscongress.com/conference/
Submission: On May 05 via manual (May 5th 2023, 5:18:40 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 13 domains to perform 127 HTTP transactions. The main IP is 35.202.169.15, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cattlemenscongress.com.
TLS certificate: Issued by R3 on March 12th 2023. Valid for: 3 months.

This is the only time cattlemenscongress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 35	35.202.169.15 35.202.169.15	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	35.201.118.58 35.201.118.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:4851	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:10:... 2606:4700:10::ac43:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:4951	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:11:... 2606:4700:11::6817:860b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.41.132 35.190.41.132	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223d:1600:13:4005:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	162.159.140.47 162.159.140.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:205... 2600:9000:2057:6600:1d:940e:c980:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
11	162.159.136.66 162.159.136.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	75.2.31.133 75.2.31.133	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b901:c90:5688:943f:64f0	14618 (AMAZON-AES) (AMAZON-AES)
2	162.159.140.44 162.159.140.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
127	24

35 35.202.169.15 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.169.202.35.bc.googleusercontent.com

cattlemenscongress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ccongress.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.118.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4851 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn01.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::ac43:76b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn02.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4951 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn03.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:11::6817:860b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.41.190.35.bc.googleusercontent.com

files.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:1600:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.159.140.47 (None, )

ASN13335 (CLOUDFLARENET, US)

pci-connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:6600:1d:940e:c980:93a1 (United States)

ASN16509 (AMAZON-02, US)

kit.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.159.136.66 (None, )

ASN13335 (CLOUDFLARENET, US)

api.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

api.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.31.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab3378e3025098c17.awsglobalaccelerator.com

nd.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:c90:5688:943f:64f0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

csp-report.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.140.44 (None, )

ASN13335 (CLOUDFLARENET, US)

pay.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	cattlemenscongress.com 2 redirects cattlemenscongress.com	2 MB
22	squareup.com pci-connect.squareup.com — Cisco Umbrella Rank: 39449 js.squareup.com — Cisco Umbrella Rank: 35974 api.squareup.com — Cisco Umbrella Rank: 17194 connect.squareup.com — Cisco Umbrella Rank: 33728	45 KB
22	jotfor.ms cdn01.jotfor.ms — Cisco Umbrella Rank: 21933 cdn02.jotfor.ms — Cisco Umbrella Rank: 22616 cdn03.jotfor.ms — Cisco Umbrella Rank: 22883 cdn.jotfor.ms — Cisco Umbrella Rank: 19560	875 KB
13	google.com pay.google.com — Cisco Umbrella Rank: 2502 play.google.com — Cisco Umbrella Rank: 27	434 KB
9	cash.app kit.cash.app — Cisco Umbrella Rank: 261083 api.cash.app — Cisco Umbrella Rank: 198011 pay.cash.app	125 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	200 KB
6	squarecdn.com web.squarecdn.com — Cisco Umbrella Rank: 26268 nd.squarecdn.com — Cisco Umbrella Rank: 47826	248 KB
6	jotform.com form.jotform.com — Cisco Umbrella Rank: 20562 Failed www.jotform.com — Cisco Umbrella Rank: 25253 files.jotform.com — Cisco Umbrella Rank: 30278 api.jotform.com — Cisco Umbrella Rank: 73593 events.jotform.com — Cisco Umbrella Rank: 22466	62 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2587	21 KB
2	wpengine.com ccongress.wpengine.com	859 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	133 KB
1	browser-intake-datadoghq.com csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 31417
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 200	5 KB
127	13

	Domain	Requested by
33	cattlemenscongress.com	2 redirects cattlemenscongress.com
11	api.squareup.com
11	cdn.jotfor.ms	form.jotform.com cdn01.jotfor.ms
8	play.google.com	www.gstatic.com
8	pci-connect.squareup.com	web.squarecdn.com
5	pay.google.com	web.squarecdn.com pay.google.com cattlemenscongress.com www.gstatic.com
5	fonts.gstatic.com	cattlemenscongress.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	api.cash.app	kit.cash.app
4	web.squarecdn.com	cdn01.jotfor.ms web.squarecdn.com
4	cdn02.jotfor.ms	form.jotform.com
4	cdn01.jotfor.ms	form.jotform.com
3	kit.cash.app	web.squarecdn.com kit.cash.app
3	cdn03.jotfor.ms	form.jotform.com
2	pay.cash.app	kit.cash.app
2	nd.squarecdn.com	js.squareup.com nd.squarecdn.com
2	connect.squareup.com	js.squareup.com connect.squareup.com
2	api.jotform.com	cdn02.jotfor.ms
2	ccongress.wpengine.com	cattlemenscongress.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	cattlemenscongress.com www.googletagmanager.com
1	csp-report.browser-intake-datadoghq.com	cattlemenscongress.com
1	js.squareup.com	web.squarecdn.com
1	events.jotform.com	form.jotform.com
1	files.jotform.com	form.jotform.com
1	www.jotform.com	1 redirects
1	cdnjs.cloudflare.com	form.jotform.com
1	region1.google-analytics.com	www.googletagmanager.com
1	form.jotform.com	cattlemenscongress.com
127	29

This site contains links to these domains. Also see Links.

Domain
form.jotform.com
www.facebook.com
www.instagram.com
www.tiktok.com
www.youtube.com
soundcloud.com
open.spotify.com
wordpress.org
www.elegantthemes.com
www.wordpress.org

Subject Issuer	Validity	Valid
cattlemenscongress.com R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-10` - `2023-10-20`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
web.squarecdn.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
api.squareup.com Entrust Certification Authority - L1K	`2023-03-24` - `2024-03-23`	a year	crt.sh
js.squareup.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-01`	a year	crt.sh
kit.cash.app Amazon RSA 2048 M01	`2023-02-24` - `2024-02-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
api.cash.app R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
connect.squareup.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
nd.squarecdn.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-24`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
pay.cash.app Cloudflare Inc ECC CA-3	`2023-04-25` - `2024-04-23`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://cattlemenscongress.com/conference/
Frame ID: BBD0E6B8E1FE2D2B15E4FE580ED06D71
Requests: 45 HTTP requests in this frame

Frame: https://form.jotform.com/230798380970063?isIframeEmbed=1
Frame ID: 72186097B2611F328D3CC5EE36D01A51
Requests: 51 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.48.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com
Frame ID: BB325071E936509B070A14590FA6512B
Requests: 4 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.48.3/single-card-element-iframe.html
Frame ID: 01ACE94686E7AB1D857FA75CE66406FE
Requests: 1 HTTP requests in this frame

Frame: https://kit.cash.app/1.65.1/pay/enclave.html
Frame ID: 452BA056699C1563A47B98160BBAB87E
Requests: 6 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=
Frame ID: 27C47AF6DC88BB5FAABCC5E9A2513CF5
Requests: 12 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F230798380970063%3FisIframeEmbed%3D1
Frame ID: F48A2FB32B36945AF1AF6DD93D6B19BF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cattlemen’s Conference » Cattlemen's Congress

Page URL History Show full URLs

http://cattlemenscongress.com/conference HTTP 301
https://cattlemenscongress.com/conference HTTP 301
https://cattlemenscongress.com/conference/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Square (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.squareup\.com

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

127
Requests

98 %
HTTPS

65 %
IPv6

13
Domains

29
Subdomains

24
IPs

4
Countries

4972 kB
Transfer

9884 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://form.jotform.com/230046008752044
Title: Sign up for More Info Here

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cattlemenscongress
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cattlemenscongress/
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cattlemenscongress
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC7LiamK40869mQ7VA-WTnhg
Title: Follow

Search URL Search Domain Scan URL

URL: https://soundcloud.com/cattlemens-conversation
Title: Follow

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/5aVqMSfRtwrM5AM8DyHKbb
Title: Follow

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: https://www.elegantthemes.com/
Title: Elegant Themes

Search URL Search Domain Scan URL

URL: https://www.wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cattlemenscongress.com/conference HTTP 301
https://cattlemenscongress.com/conference HTTP 301
https://cattlemenscongress.com/conference/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://www.jotform.com/uploads/Powell_Tyler/form_files/Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png HTTP 302
https://files.jotform.com/jufs/Powell_Tyler/form_files/Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png?md5=1Ic_GHJR5ENs7eEf2RtZIg&expires=1683307125

127 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cattlemenscongress.com/conference/
Redirect Chain

http://cattlemenscongress.com/conference
https://cattlemenscongress.com/conference
https://cattlemenscongress.com/conference/

279 KB
47 KB

1996ms
1996ms

Document
text/html

35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 31580a3f0e534e33aa4e5940d9b6deacdb0801e8cbd9bbaa69b4269e9c43b9ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 May 2023 17:18:34 GMT
link: <https://cattlemenscongress.com/wp-json/>; rel="https://api.w.org/" <https://cattlemenscongress.com/wp-json/wp/v2/pages/1554>; rel="alternate"; type="application/json" <https://cattlemenscongress.com/?p=1554>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: MISS
x-cache-enabled: False
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cache-control: max-age=600, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 05 May 2023 17:18:32 GMT
location: https://cattlemenscongress.com/conference/
server: nginx
x-cache: MISS
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine
x-redirect-by: WordPress

GET
H2 200 et-divi-dynamic-1554.css
cattlemenscongress.com/wp-content/et-cache/1554/ 10 KB
2 KB 121ms
120ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/et-cache/1554/et-divi-dynamic-1554.css?ver=1683307112
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ee54d5fc4d46e09c704a6cba0ddf308cada165c30493548035419da8bd98b97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 17:18:32 GMT
server: nginx
etag: W/"64553a68-26b6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/styles/ 414 KB
29 KB 134ms
133ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/styles/style.min.css?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fa5ba6fab394d537af1ad89a49479e9953ab0f96251532163c794a3ccea938e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-678e2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 magnific_popup.css
cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/ 6 KB
2 KB 123ms
122ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/css/magnific_popup.css?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: W/"64552c6c-1946"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 swiper.css
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 22 KB
4 KB 130ms
129ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/swiper.css?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0e53a639010f02dd7e7c3859f82daeffa535fc069b3e4145640af023dc386f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-5737"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 popup.css
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 7 KB
1 KB 134ms
133ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/popup.css?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 56c81b4086d742cf938f6fbc06de7dab26cce2ea6a889b6cf94a356251495631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-1b60"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 animate.css
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 83 KB
5 KB 142ms
141ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/animate.css?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-14d7b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 readmore.css
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/ 2 KB
794 B 130ms
130ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/css/readmore.css?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e103f8eeb3f4ba878184dea6d2137c6d5d2e0356e62fb5b8385c3d0e0ec598fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-6b2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 46ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175830709-5

Requested by

Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1973e85becf3669fe75130a744372fbff307fe92f8ff8d6b8b8739a82904d96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62598
x-xss-protection: 0
last-modified: Fri, 05 May 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 May 2023 17:18:34 GMT

GET
H2 200 CC_Launch.png
cattlemenscongress.com/wp-content/uploads/2020/10/ 15 KB
15 KB 239ms
236ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2020/10/CC_Launch.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f7fb73c592088aae823d942719bc16971766ae789c37f83de068cafcdc780cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
last-modified: Wed, 21 Oct 2020 21:25:31 GMT
server: nginx
etag: "5f90a74b-3bcc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15308

GET
H2 200 logo-darkbg.png
cattlemenscongress.com/wp-content/uploads/2020/10/ 31 KB
32 KB 236ms
234ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2020/10/logo-darkbg.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: aeeceb3f8c2f0a837de44e66a7af18d4a960c9f210c95453d77a67bbe256396c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
last-modified: Thu, 08 Oct 2020 18:21:55 GMT
server: nginx
etag: "5f7f58c3-7d79"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 32121

GET
H2 200 Cattlemens-Conference_Logo_Blue.png
cattlemenscongress.com/wp-content/uploads/2023/01/ 51 KB
52 KB 217ms
215ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2023/01/Cattlemens-Conference_Logo_Blue.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bf7c6e6a62e535dcce4f52f92c3238d65e49b3dc1a75c25e7ce5589fba41140a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
last-modified: Thu, 05 Jan 2023 20:30:06 GMT
server: nginx
etag: "63b7334e-cdb8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 52664

GET
H2 200 Dr.-Richard-Coffey.png
cattlemenscongress.com/wp-content/uploads/2023/05/ 373 KB
373 KB 237ms
235ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2023/05/Dr.-Richard-Coffey.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c532b102ff628515542320f1b6faa0e755b37c2210f8811ffc55f93fe69e2979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
last-modified: Fri, 05 May 2023 16:39:49 GMT
server: nginx
etag: "64553155-5d238"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 381496

GET
H2 200 Dr.-Mark-Johnspn.png
cattlemenscongress.com/wp-content/uploads/2023/05/ 410 KB
411 KB 237ms
235ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2023/05/Dr.-Mark-Johnspn.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3220bbfceb05b53ecf67a58603460bd8cd17ba4a55344d801dc3c9cd0e9e16f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
last-modified: Fri, 05 May 2023 16:49:16 GMT
server: nginx
etag: "6455338c-667c1"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 419777

GET
H2 200 Mark-McCully.png
cattlemenscongress.com/wp-content/uploads/2023/05/ 295 KB
295 KB 238ms
237ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2023/05/Mark-McCully.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ccc1a0ee01e22bbd18c25e34e5351dd389466729612409c2552b7c21109506b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Fri, 05 May 2023 16:50:12 GMT
server: nginx
etag: "645533c4-49a2e"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 301614

GET
H2 200 jquery.min.js Show response
cattlemenscongress.com/wp-includes/js/jquery/ 88 KB
32 KB 145ms
145ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
server: nginx
etag: W/"632879b8-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
cattlemenscongress.com/wp-includes/js/jquery/ 11 KB
4 KB 133ms
133ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.min.js Show response
cattlemenscongress.com/wp-content/themes/Divi/js/ 268 KB
60 KB 145ms
142ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.21.0
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:18:51 GMT
server: nginx
etag: W/"64552c6b-42f5a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.fitvids.js Show response
cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 3 KB
1 KB 199ms
196ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/jquery.fitvids.js?ver=4.21.0
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: W/"64552c6c-d15"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 magnific-popup.js Show response
cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 22 KB
9 KB 238ms
235ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.21.0
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: W/"64552c6c-5902"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 salvattore.js Show response
cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/ 8 KB
4 KB 238ms
235ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.21.0
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: W/"64552c6c-217e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 common.js Show response
cattlemenscongress.com/wp-content/themes/Divi/core/admin/js/ 1 KB
815 B 238ms
236ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.21.0
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: W/"64552c6c-53f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 readmore.js Show response
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/js/ 5 KB
2 KB 239ms
236ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/public/js/readmore.js?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 43585ee452b4ae41fa2e65afcd240b5613c2110dd185bdba3755b91643413bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-138c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/includes/extensions/ReadMore/ 1 KB
801 B 239ms
236ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/supreme-modules-pro-for-divi/includes/extensions/ReadMore/frontend.min.js?ver=4.9.33
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a9a223996c915281cd15b8000a6b0a5b41d7b486d1b6bb317842e994b321bad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:34 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:39 GMT
server: nginx
etag: W/"6455215b-5ea"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dwf.js Show response
cattlemenscongress.com/wp-content/plugins/gtranslate/js/ 20 KB
6 KB 238ms
237ms Script
application/javascript 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/plugins/gtranslate/js/dwf.js?ver=6.1.1
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 544278ca9219edd87d53ddeeeb7748488af6cf0fee6d38c118526df9970a1a95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 15:31:40 GMT
server: nginx
etag: W/"6455215c-5103"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET 230798380970063
form.jotform.com/ Frame 7218 0
0

GET
H2 200 230798380970063 Show response
form.jotform.com/ Frame 7218 38 KB
8 KB 155ms
119ms Document
text/html 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2.1 /
Resource Hash: 0b5eae255ffe44617a501128a0631bd46d07e7fdbd745e9fb1f742990bc76d04

Request headers

Referer: https://cattlemenscongress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 05 May 2023 17:18:34 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2.1
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 et-divi-dynamic-1554-late.css
cattlemenscongress.com/wp-content/et-cache/1554/ 5 KB
1 KB 232ms
232ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/et-cache/1554/et-divi-dynamic-1554-late.css
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2e20f3c0b22d0a8b6d25bcba002fda39d8e8b02a94024fc738f31387179c0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: br
last-modified: Fri, 05 May 2023 17:18:34 GMT
server: nginx
etag: W/"64553a6a-12d3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
cattlemenscongress.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 232ms
231ms Stylesheet
text/css 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: br
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
server: nginx
etag: W/"636e62ad-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw3aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 19 KB
19 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw3aXo.woff2

Requested by

Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01ffc8802167df3b7c029549092fd0aa9f0712e089ef4e26c543376de69faa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cattlemenscongress.com/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 13:51:22 GMT
x-content-type-options: nosniff
age: 12432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19580
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 13:51:22 GMT

GET
H2 200 modules.woff
cattlemenscongress.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 90 KB
91 KB 223ms
222ms Font
font/woff 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7

Request headers

Referer: https://cattlemenscongress.com/conference/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: "64552c6c-1693c"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 92476

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w3aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 19 KB
20 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w3aXo.woff2

Requested by

Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c3e418bbd1355279dc9a7b5d7a6ff58a73432bd49d6082a0f1544cc1c593e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cattlemenscongress.com/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 23:14:18 GMT
x-content-type-options: nosniff
age: 583456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19768
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 23:14:18 GMT

GET
H2 200 fa-brands-400.woff2
cattlemenscongress.com/wp-content/themes/Divi/core/admin/fonts/fontawesome/ 77 KB
77 KB 222ms
222ms Font
font/woff2 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cattlemenscongress.com/wp-content/themes/Divi/core/admin/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://cattlemenscongress.com/conference/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Fri, 05 May 2023 16:18:52 GMT
server: nginx
etag: "64552c6c-1327c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 78460

GET
H2 200 Hugh-Aljoe.png
cattlemenscongress.com/wp-content/uploads/2023/05/ 379 KB
380 KB 191ms
190ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2023/05/Hugh-Aljoe.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c51c3028c3f41ebf6ab37f80b117a3e46bf8916e2f04465b1d8d8a84d9d69233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Fri, 05 May 2023 16:51:04 GMT
server: nginx
etag: "645533f8-5eba2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 388002

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
72 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2GG100W4DJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175830709-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b07c5a190550640f131dc96b0df1da71285b08fa3c8f6b05404c8edb6d2188d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73546
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 17:18:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175830709-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 May 2023 17:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 811
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 05 May 2023 19:05:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1624387111&t=pageview&_s=1&dl=https%3A%2F%2Fcattlemenscongress.com%2Fconference%2F&ul=en-us&de=UTF-8&dt=Cattlemen%E2%80%99s%20Conference%20%C2%BB%20Cattlemen%27s%20Congress&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1716406918&gjid=46107144&cid=1005208593.1683307115&tid=UA-175830709-5&_gid=1327825799.1683307115&_r=1&gtm=457e3530&jsscut=1&z=705205279

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cattlemenscongress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:18:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cattlemenscongress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 41ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2GG100W4DJ&gtm=45je3530&_p=1624387111&cid=1005208593.1683307115&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1683307115&sct=1&seg=0&dl=https%3A%2F%2Fcattlemenscongress.com%2Fconference%2F&dt=Cattlemen%E2%80%99s%20Conference%20%C2%BB%20Cattlemen%27s%20Congress&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2GG100W4DJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:18:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cattlemenscongress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5e6b428acc8c4e222d1beb91.css
cdn01.jotfor.ms/themes/CSS/ Frame 7218 483 KB
56 KB 46ms
17ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d9d621729fd263697106d518ec308781175dbabe71ecc98a1f87793c39247e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 175386
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
last-modified: Wed, 03 May 2023 16:35:29 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7c2aa4bd6c6b3a86-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_styles.css
cdn02.jotfor.ms/css/styles/payment/ Frame 7218 67 KB
11 KB 54ms
26ms Stylesheet
text/css 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/css/styles/payment/payment_styles.css?3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6cb81ab258a358b6de4f27913771b4647c206107bdad2926eb912d005bc1e01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 07:22:20 GMT
server: cloudflare
age: 175851
etag: W/"64520bac-10cad"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7c2aa4bd6fa78fdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 payment_feature.css
cdn03.jotfor.ms/css/styles/payment/ Frame 7218 21 KB
4 KB 66ms
36ms Stylesheet
text/css 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/css/styles/payment/payment_feature.css?3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 175848
etag: W/"644a9d8a-55e7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7c2aa4bd6f7e3671-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 prototype.forms.js Show response
cdn01.jotfor.ms/static/ Frame 7218 126 KB
33 KB 61ms
32ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 16:26:14 GMT
server: cloudflare
age: 175810
etag: W/"64528b26-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7c2aa4bd6c6d3a86-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn02.jotfor.ms/static/ Frame 7218 560 KB
148 KB 46ms
18ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 902af5aebf9b9e9cf267f84a747b108bc81f4e82dd7b779fd288643033c22dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 03 May 2023 16:26:14 GMT
server: cloudflare
age: 175851
etag: W/"64528b26-8bfeb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7c2aa4bd6fa98fdd-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 7218 14 KB
5 KB 51ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4912578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4177
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BNLJ%2Bji12jbINy%2Fzmh76CmaBKT5V9AeXyzi4zcmZq390AVY3KCSajUezqL%2Bt%2F4%2FwFrsjcUMtuawNipl2hUX4JYCXq5x4GyCjkYDf74w2Eev8aFTvNL%2BoY1dSToIykDnx9bwPR8SDP7IHNB9HR2LYF7e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c2aa4be8b319bb0-FRA
expires: Wed, 24 Apr 2024 17:18:35 GMT

GET
H2 200 jquery-1.8.0.min.js Show response
cdn03.jotfor.ms/js/vendor/ Frame 7218 90 KB
32 KB 102ms
72ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/vendor/jquery-1.8.0.min.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f52a67efde6061b08523ce2243e232ce337d094b30bb5bfe6c3aeff3df81b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 175755
etag: W/"644a9d8a-16633"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4bd6f823671-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 maskedinput.min.js Show response
cdn01.jotfor.ms/js/vendor/ Frame 7218 92 KB
27 KB 30ms
29ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/js/vendor/maskedinput.min.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12e95176d4efb550a002ba411794aae00c31d552761c984e8d3ec33d597dbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 175810
etag: W/"644a9d8a-16e80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4be5d723a86-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jquery.maskedinput.min.js Show response
cdn02.jotfor.ms/js/vendor/ Frame 7218 4 KB
2 KB 26ms
24ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/js/vendor/jquery.maskedinput.min.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e4a06f8518d0b05c817c35ab157d8f171674c4c96144db765d15fd2870900a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 57062
etag: W/"644a9d8a-1124"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4be58978fdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 paymentUtils.js Show response
cdn03.jotfor.ms/js/payments/ Frame 7218 27 KB
8 KB 64ms
34ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/payments/paymentUtils.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a62cf033caeb973492ea18c06fc13b91cc79353cf52af42ef4fb2d5331049e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 75524
etag: W/"644a9d8a-6abc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4bd6f853671-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 square.js Show response
cdn01.jotfor.ms/js/ Frame 7218 58 KB
11 KB 52ms
25ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/js/square.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d94daabc798cd6194ce37f536bff13c5c6fe78e7970d3e57e5107bf93fc74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 15:27:03 GMT
server: cloudflare
age: 75524
etag: W/"6453cec7-e64a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4bd6c6e3a86-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 validategateways.js Show response
cdn02.jotfor.ms/js/payments/ Frame 7218 432 B
371 B 53ms
26ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/js/payments/validategateways.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a929586e4010174b728088da5cdead8e55e0fc4b56aff666aa934b4f2af002d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:01 GMT
date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 10:04:33 GMT
server: cloudflare
age: 175687
etag: W/"6450e031-1b0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4bd6fac8fdd-FRA
x-static: 2

GET
H2 200 CC_icon.png
cdn.jotfor.ms/assets/img/payments/ Frame 7218 4 KB
5 KB 27ms
26ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/CC_icon.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f4ceddebe04630fe781aadd9956883463438f1df6a6e93bbef067c1fa00699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4255772
content-length: 4545
last-modified: Thu, 10 Feb 2022 14:19:31 GMT
server: cloudflare
etag: "62051ef3-11c1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c2aa4be589a8fdd-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apple_icon_black.png
cdn.jotfor.ms/assets/img/payments/ Frame 7218 546 B
648 B 28ms
27ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/apple_icon_black.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60462a13076bea84c6a3cbf1dd87bbc0f39c877b0f31ead3c9fd45dfb15f336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4255772
content-length: 546
last-modified: Thu, 10 Feb 2022 10:50:14 GMT
server: cloudflare
etag: "6204ede6-222"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c2aa4be589b8fdd-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 googlePay.png
cdn.jotfor.ms/assets/img/payments/ Frame 7218 1 KB
1 KB 26ms
25ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/googlePay.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd62e1811abf5572388bb4f4ef47d76dcfad942156d4eb5acdfe7d64a17e7924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4255772
content-length: 1238
last-modified: Mon, 07 Mar 2022 07:59:35 GMT
server: cloudflare
etag: "6225bb67-4d6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c2aa4be589c8fdd-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 square_cashApp.png
cdn.jotfor.ms/assets/img/payments/ Frame 7218 1 KB
1 KB 29ms
28ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/square_cashApp.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa26b4e27d0c52ce264a88a323d939b6193ffe96b66b8d592f41d729c6fe758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
cf-cache-status: HIT
age: 4249326
content-length: 1213
last-modified: Thu, 10 Feb 2022 14:19:31 GMT
server: cloudflare
etag: "62051ef3-4bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7c2aa4be589d8fdd-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 smoothscroll.min.js Show response
cdn.jotfor.ms//js/vendor/ Frame 7218 5 KB
2 KB 28ms
18ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms//js/vendor/smoothscroll.min.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 175850
etag: W/"644a9d8a-13c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4be286b8fdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 errorNavigation.js Show response
cdn.jotfor.ms//js/ Frame 7218 6 KB
2 KB 37ms
27ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms//js/errorNavigation.js?v=3.3.41475
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-static: 2
date: Fri, 05 May 2023 17:18:35 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 175850
etag: W/"644a9d8a-16c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7c2aa4be286a8fdd-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png
files.jotform.com/jufs/Powell_Tyler/form_files/ Frame 7218
Redirect Chain

https://www.jotform.com/uploads/Powell_Tyler/form_files/Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png
https://files.jotform.com/jufs/Powell_Tyler/form_files/Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png?md5=1Ic_GHJR5ENs7eEf2RtZIg&expires=1683307125

51 KB
52 KB

171ms
121ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/Powell_Tyler/form_files/Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png?md5=1Ic_GHJR5ENs7eEf2RtZIg&expires=1683307125
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: bf7c6e6a62e535dcce4f52f92c3238d65e49b3dc1a75c25e7ce5589fba41140a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Fri, 05 May 2023 17:18:35 GMT
strict-transport-security: max-age=600000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 May 2023 17:18:35 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/Powell_Tyler/form_files/Cattlemens-Conference_Logo_Blue.641a5276104d90.27201487.png?md5=1Ic_GHJR5ENs7eEf2RtZIg&expires=1683307125
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7c2aa4bebad12c26-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Inter-Regular.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7218 101 KB
100 KB 50ms
31ms Font
text/html 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Regular.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56a338fee285b3fc2499b7d0c35717b08f0a99f1052094b3789cf1de46bf8c6f

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 09:42:55 GMT
server: cloudflare
age: 4257166
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7c2aa4beae519061-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 7218 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7751d5a2deeb6b3d18873c7f1837dedfc330136a8e7cc2116bb5f22f1dfe3855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7218 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30abb3e0f8dc461f6e1a3e5d8ed0116d97a75e31343af1714188ca19c7fd7644

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Inter-SemiBold.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7218 109 KB
109 KB 36ms
22ms Font
text/html 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-SemiBold.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50541f133b1c01d8d8eada674b7243eb4996cd9df559f7e47e9abf0a98f7d03e

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 09:42:55 GMT
server: cloudflare
age: 4257277
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7c2aa4beae529061-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-Medium.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7218 109 KB
108 KB 45ms
32ms Font
text/html 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Medium.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5502b70e93fe8aae0a18d70999b58875d3aa66a832c889e58713b5927f41a29

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 09:42:55 GMT
server: cloudflare
age: 4257167
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7c2aa4beae569061-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-Light.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7218 107 KB
106 KB 44ms
31ms Font
text/html 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Light.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acff9a8216c920ae0897d1f041abd705c0b02d37cd87e1f20994a305d677bb7

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 09:42:55 GMT
server: cloudflare
age: 235
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7c2aa4beae549061-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-Bold.woff2
cdn.jotfor.ms/fonts/inter/fonts/ Frame 7218 109 KB
109 KB 42ms
30ms Font
text/html 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/inter/fonts/Inter-Bold.woff2
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/themes/CSS/5e6b428acc8c4e222d1beb91.css?v=3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e200501ecfcf50a000092f9e08ee86aece49825d86d7fae3cbe9cbada96b9da5

Request headers

Referer: https://cdn01.jotfor.ms/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2022 09:42:55 GMT
server: cloudflare
age: 214
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7c2aa4beae539061-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 top-bg-scaled.jpg
ccongress.wpengine.com/wp-content/uploads/2020/10/ 65 KB
65 KB 523ms
159ms Image
image/jpeg 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccongress.wpengine.com/wp-content/uploads/2020/10/top-bg-scaled.jpg
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4af4cfb27c47f48d8ef1e76352a42aeaeac1ec46c4a15be7c0a055bebd3b6f72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Thu, 08 Oct 2020 18:52:49 GMT
server: nginx
etag: "5f7f6001-104a9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66729

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw3aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw3aXo.woff2

Requested by

Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65b3db605be9709573951eb560b092f6ac76af88231a59fad750cc69d1e49a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cattlemenscongress.com/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 18:39:35 GMT
x-content-type-options: nosniff
age: 513540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19332
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:55:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 18:39:35 GMT

GET
H2 200 ASC_0577-2-copy.jpg
ccongress.wpengine.com/wp-content/uploads/2020/10/ 793 KB
794 KB 522ms
159ms Image
image/jpeg 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccongress.wpengine.com/wp-content/uploads/2020/10/ASC_0577-2-copy.jpg
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 25913f11ebe39024e72a7ed5911bde562d500a5e76181fa2a11fa6dd6c56619c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Thu, 08 Oct 2020 19:16:28 GMT
server: nginx
etag: "5f7f658c-c626b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 811627

GET
DATA 200
OK truncated
/ 303 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99956046170e543e30ebf55f7cd5b491f7f7e8eef0bb7a3a5e5c8c776c7e6e23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 square.js Show response
web.squarecdn.com/v1/ Frame 7218 335 KB
97 KB 183ms
8ms Script
application/javascript 2600:9000:223d:1600:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/v1/square.js
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/js/square.js?v=3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:1600:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58044dcadb021ba1d5b6b86226db1b7f34ca0c55b797b6b5d5e67f68edd0224d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: zL7R7JUve3H.AtCjJqu9TIlWAnF.PJ_5
content-encoding: gzip
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
date: Thu, 04 May 2023 17:44:16 GMT
x-amz-cf-pop: FRA56-P3
age: 84860
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-websdk-version: 1.48.3
last-modified: Fri, 28 Apr 2023 17:27:48 GMT
server: AmazonS3
etag: W/"52571ac7956748fddfe4498a572f04c0"
access-control-max-age: 300
x-amz-meta-md5checksum: Ulcax5VnSP3f5EmKVy8EwA==
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: cZNvhgQjd7O2AIG7w33lbjNpLTUqpwV9h12wlT1QC209jzIxovg8-g==

GET
H2 200 generateTransactionId Show response
api.jotform.com/payment/ Frame 7218 122 B
628 B 182ms
154ms XHR
application/json 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.jotform.com/payment/generateTransactionId?ms=1683307115395
Requested by: Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5156c4b4a517e8e887ef5dd291e64654c57323b2d746e11794856104ce1fd73

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 May 2023 17:18:35 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: https://form.jotform.com
cache-control: no-cache
access-control-allow-credentials: true
x-form-cache: MISS
cf-ray: 7c2aa4bf6e252c4e-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 /
events.jotform.com/form/230798380970063/ Frame 7218 0
172 B 152ms
139ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/230798380970063/?ref=https%253A%252F%252Fcattlemenscongress.com%252F&res=1600x1200&eventID=1683307115396_230798380970063_TPNwGoK&loc=undefined
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/230798380970063?isIframeEmbed=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Fri, 05 May 2023 13:18:35 GMT
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7c2aa4bf5b9a2c26-FRA
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw3aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw3aXo.woff2

Requested by

Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfb7cf0faeba70db28a9ed1a35b932b2a85bac25d27b1859befec067937393f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cattlemenscongress.com/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:50:04 GMT
x-content-type-options: nosniff
age: 523711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19396
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:59:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 15:50:04 GMT

GET
H2 200 getPublicParams Show response
api.jotform.com/payment/square/ Frame 7218 211 B
206 B 160ms
159ms XHR
application/json 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.jotform.com/payment/square/getPublicParams?formID=230798380970063&params=location,allowTest,showCard,showCashApp,showGooglePay,showApplePay
Requested by: Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.41475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0fb77b59abbcbd548c0f92921372cabcebad95e76087554ac7337abc97f6c44

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 05 May 2023 17:18:35 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: https://form.jotform.com
cache-control: no-cache
access-control-allow-credentials: true
x-form-cache: MISS
cf-ray: 7c2aa4c0b9182c4e-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 main-iframe.html Show response
web.squarecdn.com/1.48.3/ Frame BB32 325 KB
89 KB 8ms
8ms Document
text/html 2600:9000:223d:1600:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.48.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:1600:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee0020b35872f999aee59662bc96b658c00a34eea131eae683d1294788f2675d

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 57317
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Fri, 05 May 2023 01:23:37 GMT
etag: W/"07535a52840d05e02bd0022c16a36ac0"
last-modified: Wed, 26 Apr 2023 19:08:04 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
x-amz-cf-id: NK3YtAmSwNqrd5gdQ__KOra2JHYz8iAJJepGDZlrfYbSxb9sJ28jSA==
x-amz-cf-pop: FRA56-P3
x-amz-meta-md5checksum: B1NaUoQNBeAr0AIsFqNqwA==
x-amz-meta-websdk-version: 1.48.3
x-amz-server-side-encryption: AES256
x-amz-version-id: iRHmEWi9wWFxY47QqEt.sA8HZME29dPC
x-cache: Hit from cloudfront

GET
H2 200 en-us.png
cattlemenscongress.com/wp-content/plugins/gtranslate/flags/24/ 656 B
857 B 197ms
196ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/plugins/gtranslate/flags/24/en-us.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:35 GMT
last-modified: Fri, 05 May 2023 15:31:40 GMT
server: nginx
etag: "6455215c-290"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 656

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hydrate Show response
pci-connect.squareup.com/payments/ Frame BB32 1 KB
1 KB 446ms
426ms Fetch
application/json 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com&locationId=LRJHX3N4ZWZT8&version=1.48.3

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.48.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5dd1edd957e3de32a69e7b45544880fd42459b0358b4e10fd20e2aaad49f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
square-version: 2018-07-12
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-speleo-traceid: CDN-9ebe2e17-4f38-4009-ab6a-606bee8e2ac3
x-sq-region: iad2b
content-length: 600
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4c6af449262-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 hydrate
pci-connect.squareup.com/payments/ Frame 0
0 437ms
402ms Preflight 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com&locationId=LRJHX3N4ZWZT8&version=1.48.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 7c2aa4c3f9c3194d-FRA
content-length: 0
date: Fri, 05 May 2023 17:18:36 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w3aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w3aXo.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c316558e18d2996ed4394bc36b17d993c21584f30d16dd0e6d87673f5892c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cattlemenscongress.com/
Origin: https://cattlemenscongress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 23:03:19 GMT
x-content-type-options: nosniff
age: 497717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19464
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:54:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 23:03:19 GMT

GET
H2 200 CC_Launch.png
cattlemenscongress.com/wp-content/uploads/2020/10/ 15 KB
15 KB 117ms
117ms Image
image/png 35.202.169.15
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cattlemenscongress.com/wp-content/uploads/2020/10/CC_Launch.png
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.169.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 15.169.202.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f7fb73c592088aae823d942719bc16971766ae789c37f83de068cafcdc780cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cattlemenscongress.com/conference/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:36 GMT
last-modified: Wed, 21 Oct 2020 21:25:31 GMT
server: nginx
etag: "5f90a74b-3bcc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15308

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame 7218 0
291 B 416ms
415ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://form.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4c7f89e9262-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 data.js Show response
js.squareup.com/payments/ Frame 7218 85 KB
26 KB 488ms
447ms Script
application/javascript 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.squareup.com/payments/data.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf5be49f60a315f84b8984af1d0f37e5a4e0fcc67b84540f5ec36d5f8d1ae2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sq-region: iad2b
cf-ray: 7c2aa4c99a8c9219-FRA
x-xss-protection: 1; mode=block

GET
H2 200 pay.js Show response
kit.cash.app/v1/ Frame 7218 266 KB
82 KB 58ms
7ms Script
text/javascript 2600:9000:2057:6600:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/v1/pay.js
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6600:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 018608792bf8b43854e08b342a92ec055a67272a6bb4486126f8a666ac999bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:02:45 GMT
x-amz-version-id: 27LI3qvwdCB1GYrx82.QkOzzUkW3BIRW
content-encoding: gzip
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83753
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.65.1
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 17:58:52 GMT
server: AmazonS3
etag: W/"1b1f755e721035ed053e441157e200fc"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-md5checksum: Gx91XnIQNe0FPkQRV+IA/A==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: wU0m-4EsxK3bhJw-nrx8IJVx8O4MEp4KX8874CHLwqZQPM8ol4Of2w==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 7218 116 KB
36 KB 123ms
79ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

248a1075a0c6bd06c4f88ba216bb1e53ea9313b8cc4034a2781768d140ad0bc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_DeCxBuc46yE41j7RuQuwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_DeCxBuc46yE41j7RuQuwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 05 May 2023 17:18:37 GMT

GET
H2 200 single-card-element-iframe.html Show response
web.squarecdn.com/1.48.3/ Frame 01AC 8 KB
2 KB 8ms
7ms Document
text/html 2600:9000:223d:1600:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.48.3/single-card-element-iframe.html
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:1600:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 45023
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Fri, 05 May 2023 05:29:18 GMT
etag: W/"03e704396b83c27986cdb35eb350b127"
last-modified: Wed, 26 Apr 2023 19:08:04 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
x-amz-cf-id: HL2Qz0BchQekBumKN0sxOKWPTwGADfFObMA_MVC7cI4TkWGe9joFhw==
x-amz-cf-pop: FRA56-P3
x-amz-meta-md5checksum: A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version: 1.48.3
x-amz-server-side-encryption: AES256
x-amz-version-id: pYD85qilB.H.Y_duQhlqqIIXAPq50ZFs
x-cache: Hit from cloudfront

POST
H2 200 token Show response
pci-connect.squareup.com/digital-wallets/google-pay/ Frame BB32 256 B
359 B 419ms
418ms Fetch
application/json 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.48.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de61bcca0f2523df449da6fefada7081acacd9529e2a7ee66ea6fe7857378282

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
square-version: 2018-07-12
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-speleo-traceid: CDN-defa873e-01a6-400b-b3ee-b7bc726aa4f1
x-sq-region: iad2b
content-length: 243
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4cbfcad9262-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 0
0 403ms
403ms Preflight 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 7c2aa4c96b56194d-FRA
content-length: 0
date: Fri, 05 May 2023 17:18:37 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 card-wrapper.css
web.squarecdn.com/1.48.3/ Frame 7218 5 KB
2 KB 8ms
8ms Stylesheet
text/css 2600:9000:223d:1600:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.48.3/card-wrapper.css
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:1600:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id: ksTAiQwequ5xBI_JXceqtrSqK7MeEUVC
content-encoding: gzip
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
date: Fri, 05 May 2023 00:53:52 GMT
x-amz-cf-pop: FRA56-P3
age: 59093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-websdk-version: 1.48.3
last-modified: Wed, 26 Apr 2023 19:08:04 GMT
server: AmazonS3
etag: W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age: 300
x-amz-meta-md5checksum: /I3t4KVd6uEyLV2AsOhIqQ==
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/css
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: 9CmKP_00shVZ55Fji8wwArlvHq22yPSglfGoqUpnf7AhzrzRBcHbdA==

GET
H2 200 enclave.html Show response
kit.cash.app/1.65.1/pay/ Frame 452B 239 B
815 B 7ms
7ms Document
text/html 2600:9000:2057:6600:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/1.65.1/pay/enclave.html
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/v1/pay.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6600:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e10c3dfc668baea041b5bce1aac0d8452c7892235c48709ccb9eab2f50c76004

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 300
age: 83751
cache-control: public, max-age=31536000, immutable
content-length: 239
content-type: text/html; charset=utf-8
date: Thu, 04 May 2023 18:02:47 GMT
etag: "a50de8d8d89863ca2f0c891c24668ec0"
last-modified: Thu, 04 May 2023 17:51:27 GMT
server: AmazonS3
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-id: HN_YwuWXOr9jZfP2EqHkHZU0qrQ_rq51DjKzptV6XoEAInA8S5354w==
x-amz-cf-pop: FRA6-C1
x-amz-meta-md5checksum: pQ3o2NiYY8ovDIkcJGaOwA==
x-amz-meta-version: 1.65.1
x-amz-server-side-encryption: AES256
x-amz-version-id: v4oYjYxNINeI_bNTIdj30SSerEPc40rC
x-cache: Hit from cloudfront

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
317 B 440ms
404ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&catalog_name=cap_pk_page_view&cap_pk_page_view_instance_id=9ffb0418-9710-41f9-83de-d214d588e825&cap_pk_page_view_client_id=CA-CI_SQ_SELLER&cap_pk_page_view_browser_name=Chrome&cap_pk_page_view_browser_version=113.0.5672.63&cap_pk_page_view_browser_width=1080&cap_pk_page_view_browser_height=2073&cap_pk_page_view_browser_major_version=113&cap_pk_page_view_os_version=10&cap_pk_page_view_os_name=Windows&cap_pk_page_view_base_url=https%3A%2F%2Fform.jotform.com&cap_pk_page_view_device_screen_height=1200&cap_pk_page_view_device_screen_width=1600&nocache=16833071171211

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca4c1d2c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 438ms
402ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca4c212c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame BB32 0
43 B 407ms
405ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.48.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4ca1a679262-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 enclave.js Show response
kit.cash.app/1.65.1/pay/ Frame 452B 135 KB
41 KB 9ms
9ms Script
text/javascript 2600:9000:2057:6600:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/1.65.1/pay/enclave.js
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.65.1/pay/enclave.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6600:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cd3774e5053927453dba7cba88676792c3921b81be31af44c2795def3a3a69b

Request headers

Referer: https://kit.cash.app/1.65.1/pay/enclave.html
Origin: https://kit.cash.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 18:02:48 GMT
x-amz-version-id: WyYz_nuZZPot9fdmCxcjUk9A1ro5c7n4
content-encoding: gzip
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 83750
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.65.1
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 17:51:27 GMT
server: AmazonS3
etag: W/"701e40096f0f0da07a279254e1a089dd"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-md5checksum: cB5ACW8PDaB6J5JU4aCJ3Q==
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: cxN_zORbpkt8ztkzc_aHwdc98FmNN5hhPaGi3MZgfnQEIFYpRtqJmQ==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 27C4 18 KB
8 KB 202ms
200ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c7075525a14b1dc6a995b78bce3cc43c46658309bdf80004e70793deb039608

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-KAbYuSzzbctab1VgcvP5cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-KAbYuSzzbctab1VgcvP5cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 05 May 2023 17:18:37 GMT
expires: Fri, 05 May 2023 17:18:37 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 452B 43 B
550 B 141ms
141ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kit.cash.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca7c6f2c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 408ms
408ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8c8a2c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 404ms
402ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8c9d2c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 423ms
421ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8c9e2c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
317 B 136ms
135ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8ca12c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 133ms
132ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8ca42c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 127ms
126ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8ca72c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
316 B 406ms
405ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4ca8ca82c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

POST
H2 201 requests Show response
api.cash.app/customer-request/v1/ Frame 452B 1 KB
775 B 290ms
289ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.65.1/pay/enclave.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: cc059c79464ca18e3193314728d470824e431ce55dc0a17d4d93a1a7240f1275

Request headers

accept: application/json
Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
authorization: Client CA-CI_SQ_SELLER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 190
content-length: 595
x-served-by: cache-fra-eddf8230031-FRA
server: istio-envoy
x-timer: S1683307118.695228,VS0,VE283
vary: Origin, Origin, Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kit.cash.app
access-control-expose-headers: Content-Type
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 requests
api.cash.app/customer-request/v1/ Frame 0
0 481ms
443ms Preflight 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://kit.cash.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Language,Content-Type,Last-Event-ID,Origin,X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://kit.cash.app
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
content-length: 0
date: Fri, 05 May 2023 17:18:37 GMT
server: istio-envoy
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-upstream-service-time: 65
x-served-by: cache-fra-eddf8230031-FRA
x-timer: S1683307117.250400,VS0,VE437

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 27C4 156 KB
56 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgr4lRp0GTSkRSg15RHlvQGz5P9gQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8229830849a5922bd99cb02bba5480b1a33c00e035ff699bd0b79343410e0d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56557
x-xss-protection: 0
last-modified: Thu, 04 May 2023 06:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 16:28:36 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 27C4 2 KB
2 KB 121ms
120ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKn... Frame 27C4 70 KB
26 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKnjMrCWPFo.L.B1.O/am=wLEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgo7a3dUB7HpIBB34OAYBd99uYlSQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgr4lRp0GTSkRSg15RHlvQGz5P9gQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

875ea570e871faae93907e8e60f182da41cdfb3bf4f48c6d8fc2043ba08e591b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26129
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 16:28:37 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 27C4 1 MB
388 KB 80ms
80ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23031adb9d4282cfd4600a466f63cea160bd3f56eb3b7232c4c277f8792b1f63

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-v3elrdY7j8fneEVR2HtsYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-v3elrdY7j8fneEVR2HtsYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 05 May 2023 17:18:37 GMT

POST
H3 204 jserror Show response
pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 27C4 0
27 B 75ms
74ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/jserror?script=https%3A%2F%2Fpay.google.com%2Fgp%2Fp%2Fui%2Fpayframe%3Forigin%3Dhttps%253A%252F%252Fform.jotform.com%26mid%3D&error=Failed%20to%20construct%20%27PaymentRequest%27%3A%20Must%20be%20in%20a%20top-level%20browsing%20context%20or%20an%20iframe%20needs%20to%20specify%20allow%3D%22payment%22%20explicitly&line=Not%20available

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'report-sample' 'nonce-II3OWdOHS6C33lRL_X7oeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport, script-src 'report-sample' 'nonce-II3OWdOHS6C33lRL_X7oeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKn... Frame 27C4 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKnjMrCWPFo.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgo7a3dUB7HpIBB34OAYBd99uYlSQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbd74e2fafce8b13519d464e4ce7848582e15be770525063574e83f88ffc1bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9390
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 16:28:37 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKn... Frame 27C4 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.ATFjttTJEqc.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fKnjMrCWPFo.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgo7a3dUB7HpIBB34OAYBd99uYlSQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1a23d026f71b0659c44efcfe7de03d181e65ab9c7d22b38b805d162899d4579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Thu, 04 May 2023 16:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13525
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 May 2024 16:28:37 GMT

POST
H3 200 log Show response
play.google.com/ Frame 27C4 131 B
155 B 58ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 17:18:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
40ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 05 May 2023 17:18:37 GMT
expires: Fri, 05 May 2023 17:18:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 27C4 131 B
155 B 59ms
44ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 17:18:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
41ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 05 May 2023 17:18:37 GMT
expires: Fri, 05 May 2023 17:18:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
41ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 05 May 2023 17:18:37 GMT
expires: Fri, 05 May 2023 17:18:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 27C4 131 B
155 B 56ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 17:18:37 GMT

GET
H2 200 frame.html Show response
connect.squareup.com/payments/data/ Frame F48A 33 KB
13 KB 235ms
201ms Document
text/html 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F230798380970063%3FisIframeEmbed%3D1

Requested by

Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae19ce47ec43c590b3eaa23ab8b6f6772d323ba1687e9826c674f7ff1a0762da

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c2aa4ccbe2e9bc4-FRA
content-encoding: gzip
content-security-policy: default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
content-type: text/html
date: Fri, 05 May 2023 17:18:37 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
nd.squarecdn.com/2.2/w/w-952168/sync/js/ Frame 7218 306 KB
57 KB 371ms
121ms Script
application/javascript 75.2.31.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.squarecdn.com/2.2/w/w-952168/sync/js/

Requested by

Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.31.133 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab3378e3025098c17.awsglobalaccelerator.com

Software

nginx /

Resource Hash

951f62049699a3f061ca90ed64f9bfd4e70ea9904428879349d6a02276b668c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-nds-datacontractrequirement1: Placement, No matching URL placement for w-952168 at https://form.jotform.com/.
date: Fri, 05 May 2023 17:18:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff, nosniff
x-nds-datacontractrequirement2: Placement, Placement page number has not been detected.
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-nds-datacontractrequirement0: Placement, Placement page has not been detected.
x-xss-protection: 1; mode=block, 1; mode=block

POST
H2 202 logs
csp-report.browser-intake-datadoghq.com/api/v2/ Frame F48A 0
0 419ms
190ms Other
application/json 2600:1f18:24e6:b901:c90:5688:943f:64f0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Requested by: Host: cattlemenscongress.com
URL: https://cattlemenscongress.com/conference/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:c90:5688:943f:64f0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.squareup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 200 token Show response
connect.squareup.com/v2/analytics/ Frame F48A 108 B
520 B 152ms
152ms XHR
application/json 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/v2/analytics/token

Requested by

Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F230798380970063%3FisIframeEmbed%3D1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a147e58ac0121dc20f6f54ba1403864427d55291c2ecd8c514db861c0068cf77

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F230798380970063%3FisIframeEmbed%3D1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
square-version: 2018-07-12
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-speleo-traceid: CDN-9a22d160-760e-4212-9baa-94e48bc45065
x-sq-region: iad2b
content-length: 126
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://connect.squareup.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4ce58eb9bc4-FRA
access-control-allow-headers: Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame 7218 0
67 B 440ms
439ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:38 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://form.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4ce58709262-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

POST
H3 200 log Show response
play.google.com/ Frame 27C4 131 B
155 B 42ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 05 May 2023 17:18:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 May 2023 17:18:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
39ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 05 May 2023 17:18:37 GMT
expires: Fri, 05 May 2023 17:18:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame 7218 43 B
331 B 126ms
125ms Image
image/gif 162.159.136.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=9ffb0418-9710-41f9-83de-d214d588e825&cap_pk_base_customer_request_id=GRR_r7v23w4s9sx1ths8grpd8dmq&cap_pk_customer_request_action=CREATE&cap_pk_customer_request_raw=%7B%22event%22%3A%22CUSTOMER_REQUEST%3ACREATE%3AOK%22%2C%22eventData%22%3A%7B%22createCustomerRequestResponse%22%3A%7B%22actions%22%3A%5B%22ONE_TIME_PAYMENT%22%5D%2C%22authFlowTriggers%22%3A%7B%22mobileURL%22%3A%22https%3A%2F%2Fapi.cash.app%2Fcustomer-request%2Fv1%2Frequests%2FGRR_r7v23w4s9sx1ths8grpd8dmq%2Finterstitial%3Fvalidity_token%3Dkrxxt0%22%2C%22qrCodeImageURL%22%3A%22https%3A%2F%2Fapi.cash.app%2Fqr%2Ff%2FGRANTLY_MANAGED_GRANT%253Frequest_id%3DGRR_r7v23w4s9sx1ths8grpd8dmq-krxxt0%26method%3Dqr%26type%3Dcap%3Frounded%3D0%26format%3Dpng%22%2C%22refreshesAt%22%3A%222023-05-05T17%3A19%3A07.787Z%22%7D%2C%22customerProfile%22%3A%7B%22cashtag%22%3A%22%22%2C%22id%22%3A%22%22%7D%2C%22expiresAt%22%3A%222023-05-05T18%3A18%3A37.787Z%22%2C%22id%22%3A%22GRR_r7v23w4s9sx1ths8grpd8dmq%22%2C%22requesterProfile%22%3A%7B%22logoURL%22%3A%22https%3A%2F%2Ffranklin-assets.s3.amazonaws.com%2Fmerchants%2Fassets%2Fv3%2Fgeneric%2Fm_category_business.png%22%2C%22name%22%3A%22The%20Cattlemen%27s%20Congress%2C%20Inc.%22%7D%2C%22status%22%3A%22PENDING%22%7D%2C%22customerRequestId%22%3A%22GRR_r7v23w4s9sx1ths8grpd8dmq%22%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_customer_request_status=OK&catalog_name=cap_pk_customer_request&nocache=168330711798710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.136.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7c2aa4cf7ef52c1a-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
nd.squarecdn.com/2.2/w/w-952168/init/js/ Frame 7218 537 B
1 KB 111ms
111ms Script
application/javascript 75.2.31.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.squarecdn.com/2.2/w/w-952168/init/js/?q=%7B%22e%22%3A335334%2C%22oq%22%3A%221080%3A2073%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-1%22%2C%22ji%22%3A%222.3.1%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Fsbez.wbgsbez.pbz%2F230798380970063%3FvfVsenzrRzorq%3D1%22%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C0%7Cra-HF%7Coc1-q400qo6n8n86q525%7Csnyfr%7Cuggcf%3A%2F%2Fpnggyrzrafpbaterff.pbz%2F%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F113.0.5672.63%20Fnsnev%2F537.36%7Cjt1-n46p01n68sp5740r%22%7D

Requested by

Host: nd.squarecdn.com
URL: https://nd.squarecdn.com/2.2/w/w-952168/sync/js/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.31.133 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab3378e3025098c17.awsglobalaccelerator.com

Software

nginx /

Resource Hash

d1659769af517b0b890b64f61e95fd485c048507b850f394623126d56d23cd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 17:18:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff, nosniff
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
content-length: 537
x-xss-protection: 1; mode=block

OPTIONS
H2 204 log-event
pay.cash.app/api/ Frame 0
0 774ms
705ms Preflight 162.159.140.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.cash.app/api/log-event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://kit.cash.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://kit.cash.app
cf-cache-status: DYNAMIC
cf-ray: 7c2aa4d039479b25-FRA
date: Fri, 05 May 2023 17:18:38 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding

POST
H2 200 log-event Show response
pay.cash.app/api/ Frame 452B 2 B
292 B 621ms
620ms Fetch 162.159.140.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.cash.app/api/log-event

Requested by

Host: kit.cash.app
URL: https://kit.cash.app/1.65.1/pay/enclave.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:39 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
etag: "10oushnafi62"
vary: Origin, Accept-Encoding
access-control-allow-origin: https://kit.cash.app
cf-ray: 7c2aa4d4b86f9b25-FRA
content-length: 2

OPTIONS
H2 200 GRR_r7v23w4s9sx1ths8grpd8dmq
api.cash.app/customer-request/v1/requests/ Frame 0
0 446ms
446ms Preflight 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests/GRR_r7v23w4s9sx1ths8grpd8dmq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://kit.cash.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Language,Content-Type,Last-Event-ID,Origin,X-Requested-With
access-control-allow-methods: GET,PATCH
access-control-allow-origin: https://kit.cash.app
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
content-length: 0
date: Fri, 05 May 2023 17:18:38 GMT
server: istio-envoy
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-upstream-service-time: 63
x-served-by: cache-fra-eddf8230031-FRA
x-timer: S1683307118.052586,VS0,VE439

GET
H2 200 GRR_r7v23w4s9sx1ths8grpd8dmq Show response
api.cash.app/customer-request/v1/requests/ Frame 452B 1 KB
681 B 170ms
169ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests/GRR_r7v23w4s9sx1ths8grpd8dmq
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.65.1/pay/enclave.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: cc059c79464ca18e3193314728d470824e431ce55dc0a17d4d93a1a7240f1275

Request headers

accept: application/json
Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
authorization: Client CA-CI_SQ_SELLER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 69
content-length: 595
x-served-by: cache-fra-eddf8230031-FRA
server: istio-envoy
x-timer: S1683307118.499504,VS0,VE163
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kit.cash.app
access-control-expose-headers: Content-Type
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame 7218 0
44 B 134ms
133ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 05 May 2023 17:18:38 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://form.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7c2aa4d47eb79262-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: form.jotform.com
URL: https://form.jotform.com/230798380970063

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cattlemenscongress.com/	1970-01-20 11:36:33	Name: _gid Value: GA1.2.1327825799.1683307115
.cattlemenscongress.com/	1970-01-20 11:35:07	Name: _gat_gtag_UA_175830709_5 Value: 1
.cattlemenscongress.com/	1970-01-20 21:11:07	Name: _ga_2GG100W4DJ Value: GS1.1.1683307115.1.0.1683307115.0.0.0
.cattlemenscongress.com/	1970-01-20 21:11:07	Name: _ga Value: GA1.1.1005208593.1683307115
.squareup.com/	1970-01-20 21:11:07	Name: _savt Value: 82a19e6e-f42a-43ec-bce7-65d862170bbd
.google.com/	1970-01-20 15:58:38	Name: NID Value: 511=vwEOlBu3kvRvG7lO5MTcSvxwCCYXl-QjWZBRZYv3KwxPLafYSwKwC5zq1eZfs1RIhrCJ-4WVyun1XV4QSbtTm_N-SML3SOLpjCRxy3fqalsZtmn1V3Q0W-oCg9-531ssuXN80CPLwMQASlFCAneM36nDzF3HRt81T4iYTRDuWtc
.pci-connect.squareup.com/	1970-01-20 11:35:08	Name: __cf_bm Value: RU0SA9lGVKaSPVtuQlcVKs3yrQC5FIyvOgPwSn7Eklg-1683307117-0-ARQBpau4YgSvu7iIRonuJKTP1QqyYXtgmLhq+RTVpvuPuceArEZx6Huj7/n+X5gWIxfRZLRV7XcEEOSBSCDIqjg=
.js.squareup.com/	1970-01-20 11:35:08	Name: __cf_bm Value: NrZicsBoak7N6VAdmKdgq61NTkUP49KXj6IJ1bcPvkg-1683307117-0-AcLGmTM0jbQrrEO28By20APQbCSWrucxFnRLP6luhJbpDAcMphpRW/T8ZELin+qC34w27PfXSptb9NBy9BfGvuM=
.api.squareup.com/	1970-01-20 11:35:08	Name: __cf_bm Value: LcAVNZ_qlrgNy5pS02XMsItiqXX9o5JFy0dzcaonP4g-1683307117-0-AT6gaPz8QdC6e1gv98MyLe5gViX/qwoJlZw62BPr64hUZFUmaUb3YqkUwUtCZcgCMvdzJXFck9xrrvLFeo5OND0=
.connect.squareup.com/	1970-01-20 11:35:08	Name: __cf_bm Value: 1fmVNeIaoGt8P..qjc71jARbCNWmtGHO.LaNqyf8eNo-1683307117-0-AeZZBTMP5h3i+JLF4CCvySB2k5VY6BlAibewPTr/Rd8J/ECs5n9ZXD2PTjHyVGjKXlOh738HwNKfkSC+P2e63gc=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://web.squarecdn.com/v1/square.js Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://web.squarecdn.com/v1/square.js Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cash.app
api.jotform.com
api.squareup.com
cattlemenscongress.com
ccongress.wpengine.com
cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
connect.squareup.com
csp-report.browser-intake-datadoghq.com
events.jotform.com
files.jotform.com
fonts.gstatic.com
form.jotform.com
js.squareup.com
kit.cash.app
nd.squarecdn.com
pay.cash.app
pay.google.com
pci-connect.squareup.com
play.google.com
region1.google-analytics.com
web.squarecdn.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.jotform.com
form.jotform.com
151.101.2.133
162.159.136.66
162.159.140.44
162.159.140.47
2001:4860:4802:32::36
2600:1f18:24e6:b901:c90:5688:943f:64f0
2600:9000:2057:6600:1d:940e:c980:93a1
2600:9000:223d:1600:13:4005:e4c0:93a1
2606:4700:10::6816:4851
2606:4700:10::6816:4951
2606:4700:10::ac43:76b
2606:4700:11::6817:860b
2606:4700::6811:180e
2a00:1450:4001:800::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c07::5c
35.190.41.132
35.201.118.58
35.202.169.15
75.2.31.133
018608792bf8b43854e08b342a92ec055a67272a6bb4486126f8a666ac999bcd
01ffc8802167df3b7c029549092fd0aa9f0712e089ef4e26c543376de69faa91
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e
0acff9a8216c920ae0897d1f041abd705c0b02d37cd87e1f20994a305d677bb7
0b5eae255ffe44617a501128a0631bd46d07e7fdbd745e9fb1f742990bc76d04
0e53a639010f02dd7e7c3859f82daeffa535fc069b3e4145640af023dc386f86
124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b
1973e85becf3669fe75130a744372fbff307fe92f8ff8d6b8b8739a82904d96e
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
22f3c0bad20a824194399d60c1009b4e602260f8de243eec5319c695813a78cd
23031adb9d4282cfd4600a466f63cea160bd3f56eb3b7232c4c277f8792b1f63
2414767fbf3e93d3269cb3795b6c667da0f58a8f662dfd8aabb0807243d1134f
248a1075a0c6bd06c4f88ba216bb1e53ea9313b8cc4034a2781768d140ad0bc5
25913f11ebe39024e72a7ed5911bde562d500a5e76181fa2a11fa6dd6c56619c
2c7075525a14b1dc6a995b78bce3cc43c46658309bdf80004e70793deb039608
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
30abb3e0f8dc461f6e1a3e5d8ed0116d97a75e31343af1714188ca19c7fd7644
31580a3f0e534e33aa4e5940d9b6deacdb0801e8cbd9bbaa69b4269e9c43b9ea
3c316558e18d2996ed4394bc36b17d993c21584f30d16dd0e6d87673f5892c18
3c3e418bbd1355279dc9a7b5d7a6ff58a73432bd49d6082a0f1544cc1c593e5c
3c5dd1edd957e3de32a69e7b45544880fd42459b0358b4e10fd20e2aaad49f17
41f4ceddebe04630fe781aadd9956883463438f1df6a6e93bbef067c1fa00699
43585ee452b4ae41fa2e65afcd240b5613c2110dd185bdba3755b91643413bb6
462747422c6af30aa81a0373fa1cfd736455cef52bdbb816f67be9531d84eace
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
49176b244de4b07d2a8a79cd8663a2fced053acc22b1807929521665d09f3e3a
4af4cfb27c47f48d8ef1e76352a42aeaeac1ec46c4a15be7c0a055bebd3b6f72
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50541f133b1c01d8d8eada674b7243eb4996cd9df559f7e47e9abf0a98f7d03e
52d94daabc798cd6194ce37f536bff13c5c6fe78e7970d3e57e5107bf93fc74c
544278ca9219edd87d53ddeeeb7748488af6cf0fee6d38c118526df9970a1a95
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a338fee285b3fc2499b7d0c35717b08f0a99f1052094b3789cf1de46bf8c6f
56c81b4086d742cf938f6fbc06de7dab26cce2ea6a889b6cf94a356251495631
58044dcadb021ba1d5b6b86226db1b7f34ca0c55b797b6b5d5e67f68edd0224d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
7751d5a2deeb6b3d18873c7f1837dedfc330136a8e7cc2116bb5f22f1dfe3855
7f52a67efde6061b08523ce2243e232ce337d094b30bb5bfe6c3aeff3df81b6d
875ea570e871faae93907e8e60f182da41cdfb3bf4f48c6d8fc2043ba08e591b
88795f28bb66a45f9c32245dd21d6319ed5d26a45bf5afa31d91a0f83ee855f7
8cd3774e5053927453dba7cba88676792c3921b81be31af44c2795def3a3a69b
902af5aebf9b9e9cf267f84a747b108bc81f4e82dd7b779fd288643033c22dff
951f62049699a3f061ca90ed64f9bfd4e70ea9904428879349d6a02276b668c5
99956046170e543e30ebf55f7cd5b491f7f7e8eef0bb7a3a5e5c8c776c7e6e23
a147e58ac0121dc20f6f54ba1403864427d55291c2ecd8c514db861c0068cf77
a563aa60395e445bac4f1baba89a0f12006b52c9ba8619f094ea8595d903346f
a929586e4010174b728088da5cdead8e55e0fc4b56aff666aa934b4f2af002d5
a9a223996c915281cd15b8000a6b0a5b41d7b486d1b6bb317842e994b321bad5
ae19ce47ec43c590b3eaa23ab8b6f6772d323ba1687e9826c674f7ff1a0762da
aeeceb3f8c2f0a837de44e66a7af18d4a960c9f210c95453d77a67bbe256396c
b07c5a190550640f131dc96b0df1da71285b08fa3c8f6b05404c8edb6d2188d4
b0fb77b59abbcbd548c0f92921372cabcebad95e76087554ac7337abc97f6c44
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380
b6a62cf033caeb973492ea18c06fc13b91cc79353cf52af42ef4fb2d5331049e
b6cb81ab258a358b6de4f27913771b4647c206107bdad2926eb912d005bc1e01
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
bf7c6e6a62e535dcce4f52f92c3238d65e49b3dc1a75c25e7ce5589fba41140a
c1a23d026f71b0659c44efcfe7de03d181e65ab9c7d22b38b805d162899d4579
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c51c3028c3f41ebf6ab37f80b117a3e46bf8916e2f04465b1d8d8a84d9d69233
c532b102ff628515542320f1b6faa0e755b37c2210f8811ffc55f93fe69e2979
c60462a13076bea84c6a3cbf1dd87bbc0f39c877b0f31ead3c9fd45dfb15f336
c65b3db605be9709573951eb560b092f6ac76af88231a59fad750cc69d1e49a3
ca3af915877e0f119ce0df14dfce6249f76222c600e23882fa7c7f99788971cc
cc059c79464ca18e3193314728d470824e431ce55dc0a17d4d93a1a7240f1275
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccc1a0ee01e22bbd18c25e34e5351dd389466729612409c2552b7c21109506b6
cd62e1811abf5572388bb4f4ef47d76dcfad942156d4eb5acdfe7d64a17e7924
cf5be49f60a315f84b8984af1d0f37e5a4e0fcc67b84540f5ec36d5f8d1ae2da
d1659769af517b0b890b64f61e95fd485c048507b850f394623126d56d23cd76
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
daa26b4e27d0c52ce264a88a323d939b6193ffe96b66b8d592f41d729c6fe758
de61bcca0f2523df449da6fefada7081acacd9529e2a7ee66ea6fe7857378282
e103f8eeb3f4ba878184dea6d2137c6d5d2e0356e62fb5b8385c3d0e0ec598fd
e10c3dfc668baea041b5bce1aac0d8452c7892235c48709ccb9eab2f50c76004
e12e95176d4efb550a002ba411794aae00c31d552761c984e8d3ec33d597dbb1
e200501ecfcf50a000092f9e08ee86aece49825d86d7fae3cbe9cbada96b9da5
e2e20f3c0b22d0a8b6d25bcba002fda39d8e8b02a94024fc738f31387179c0c6
e3220bbfceb05b53ecf67a58603460bd8cd17ba4a55344d801dc3c9cd0e9e16f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d9d621729fd263697106d518ec308781175dbabe71ecc98a1f87793c39247e
e5502b70e93fe8aae0a18d70999b58875d3aa66a832c889e58713b5927f41a29
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8229830849a5922bd99cb02bba5480b1a33c00e035ff699bd0b79343410e0d9
ee0020b35872f999aee59662bc96b658c00a34eea131eae683d1294788f2675d
ee54d5fc4d46e09c704a6cba0ddf308cada165c30493548035419da8bd98b97e
f3e4a06f8518d0b05c817c35ab157d8f171674c4c96144db765d15fd2870900a
f5156c4b4a517e8e887ef5dd291e64654c57323b2d746e11794856104ce1fd73
f7fb73c592088aae823d942719bc16971766ae789c37f83de068cafcdc780cc8
fa5ba6fab394d537af1ad89a49479e9953ab0f96251532163c794a3ccea938e3
fbbd74e2fafce8b13519d464e4ce7848582e15be770525063574e83f88ffc1bf
fbfb7cf0faeba70db28a9ed1a35b932b2a85bac25d27b1859befec067937393f

cattlemenscongress.com Open in urlscan Pro 35.202.169.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

98 %HTTPS

65 %IPv6

13 Domains

29 Subdomains

24 IPs

4 Countries

4972 kBTransfer

9884 kBSize

10 Cookies

10 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cattlemenscongress.com Open in urlscan Pro
35.202.169.15 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

65 %
IPv6

13
Domains

29
Subdomains

24
IPs

4
Countries

4972 kB
Transfer

9884 kB
Size

10
Cookies

127 HTTP transactions
4 data transactions