form.jotform.com Open in urlscan Pro
35.201.118.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rmhc.otpnation.xyz/
Effective URL:
https://form.jotform.com/221885846290062
Submission: On February 27 via manual (February 27th 2023, 8:45:30 pm UTC) from US — Scanned from DE

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 11 domains to perform 66 HTTP transactions. The main IP is 35.201.118.58, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is form.jotform.com. The Cisco Umbrella rank of the primary domain is 20119.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 10th 2023. Valid for: 9 months.

This is the only time form.jotform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:400d:807::2013	15169 (GOOGLE) (GOOGLE)
1	35.201.118.58 35.201.118.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2606:4700:10:... 2606:4700:10::ac43:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
2	2606:4700:10:... 2606:4700:10::6816:4951	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:4851	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:11:... 2606:4700:11::6817:860b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.41.132 35.190.41.132	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223d:a400:13:4005:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	13.248.205.93 13.248.205.93	16509 (AMAZON-02) (AMAZON-02)
1	76.223.91.57 76.223.91.57	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211a:8400:1d:940e:c980:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:401... 2a00:1450:4013:c03::5c	15169 (GOOGLE) (GOOGLE)
9	162.159.137.66 162.159.137.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.83.176.153 99.83.176.153	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
66	19

1 2a00:1450:400d:807::2013 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rmhc.otpnation.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.118.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::ac43:76b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4951 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn01.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4851 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn02.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn03.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:11::6817:860b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.41.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.41.190.35.bc.googleusercontent.com

files.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:a400:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.248.205.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad42d0847b05b89b1.awsglobalaccelerator.com

pci-connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.91.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad42d0847b05b89b1.awsglobalaccelerator.com

js.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211a:8400:1d:940e:c980:93a1 (United States)

ASN16509 (AMAZON-02, US)

kit.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c03::5c (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.159.137.66 (None, )

ASN13335 (CLOUDFLARENET, US)

api.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.176.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab3378e3025098c17.awsglobalaccelerator.com

nd.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	squareup.com pci-connect.squareup.com — Cisco Umbrella Rank: 44976 js.squareup.com — Cisco Umbrella Rank: 36808 api.squareup.com — Cisco Umbrella Rank: 18579 connect.squareup.com — Cisco Umbrella Rank: 39590 squareup.com — Cisco Umbrella Rank: 12543	45 KB
13	google.com pay.google.com — Cisco Umbrella Rank: 2786 play.google.com — Cisco Umbrella Rank: 29	430 KB
11	jotfor.ms cdn.jotfor.ms — Cisco Umbrella Rank: 19133 cdn01.jotfor.ms — Cisco Umbrella Rank: 21063 cdn02.jotfor.ms — Cisco Umbrella Rank: 21190 cdn03.jotfor.ms — Cisco Umbrella Rank: 21642	421 KB
6	squarecdn.com web.squarecdn.com — Cisco Umbrella Rank: 27178 nd.squarecdn.com — Cisco Umbrella Rank: 52750	261 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	135 KB
6	jotform.com 1 redirects form.jotform.com — Cisco Umbrella Rank: 20119 www.jotform.com — Cisco Umbrella Rank: 26503 files.jotform.com — Cisco Umbrella Rank: 31153 events.jotform.com — Cisco Umbrella Rank: 21061 api.jotform.com — Cisco Umbrella Rank: 92834	1 MB
3	cash.app kit.cash.app — Cisco Umbrella Rank: 369238	118 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	5 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4041	17 KB
1	otpnation.xyz 1 redirects rmhc.otpnation.xyz	247 B
66	11

	Domain	Requested by
9	play.google.com	www.gstatic.com
8	api.squareup.com
7	pci-connect.squareup.com	web.squarecdn.com
7	cdn.jotfor.ms	form.jotform.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	web.squarecdn.com pay.google.com form.jotform.com www.gstatic.com
4	web.squarecdn.com	cdn01.jotfor.ms web.squarecdn.com
3	kit.cash.app	web.squarecdn.com kit.cash.app
2	nd.squarecdn.com	js.squareup.com nd.squarecdn.com
2	connect.squareup.com	js.squareup.com connect.squareup.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.jotform.com	1 redirects form.jotform.com
2	cdn01.jotfor.ms	form.jotform.com
1	squareup.com	form.jotform.com
1	js.squareup.com	web.squarecdn.com
1	api.jotform.com	cdn02.jotfor.ms
1	events.jotform.com	form.jotform.com
1	fonts.googleapis.com	cdn.jotfor.ms
1	files.jotform.com	form.jotform.com
1	cdn03.jotfor.ms	form.jotform.com
1	cdnjs.cloudflare.com	form.jotform.com
1	cdn02.jotfor.ms	form.jotform.com
1	browser.sentry-cdn.com	form.jotform.com
1	form.jotform.com
1	rmhc.otpnation.xyz	1 redirects
66	25

This site contains no links.

Subject Issuer	Validity	Valid
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-10` - `2023-10-20`	9 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
web.squarecdn.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
api.squareup.com Entrust Certification Authority - L1K	`2022-05-11` - `2023-05-10`	a year	crt.sh
api-global.squareup.com Amazon RSA 2048 M02	`2023-02-16` - `2024-03-16`	a year	crt.sh
kit.cash.app Amazon	`2023-01-11` - `2024-02-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
images.squareup.com Amazon	`2022-04-22` - `2023-05-21`	a year	crt.sh
nd.squarecdn.com Amazon	`2022-12-26` - `2024-01-24`	a year	crt.sh
squareup.com Cloudflare Inc ECC CA-3	`2022-11-11` - `2023-11-11`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://form.jotform.com/221885846290062
Frame ID: AA57CBE6BFC8963DB3D4C1112007F685
Requests: 41 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.45.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com
Frame ID: C6CFE99FF2A7849CFE0500409D48BA38
Requests: 4 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.45.3/single-card-element-iframe.html
Frame ID: C355FC1213FDB51BF33E08BB7CAEC117
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=
Frame ID: 168461E1A6A2415C4DEA8040690666A0
Requests: 12 HTTP requests in this frame

Frame: https://kit.cash.app/1.56.1/pay/enclave.html
Frame ID: EE75012B07762518E0A1A92AAE308086
Requests: 3 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F221885846290062
Frame ID: D86D69A81A991811D8877DC792F8FD2F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2022 OTPND RMHC Donation

Page URL History Show full URLs

http://rmhc.otpnation.xyz/ HTTP 301
https://form.jotform.com/221885846290062 Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Square (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.squareup\.com

Page Statistics

66
Requests

98 %
HTTPS

68 %
IPv6

11
Domains

25
Subdomains

19
IPs

5
Countries

2762 kB
Transfer

6390 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rmhc.otpnation.xyz/ HTTP 301
https://form.jotform.com/221885846290062 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://www.jotform.com/uploads/RivelloSupport/form_files/OTPND%20RMHC.633d8fcb105237.56217589.png HTTP 302
https://files.jotform.com/jufs/RivelloSupport/form_files/OTPND%20RMHC.633d8fcb105237.56217589.png?md5=mRE-N045hjZ4kK0oZW8-sg&expires=1677530735

66 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 221885846290062 Show response
form.jotform.com/
Redirect Chain

http://rmhc.otpnation.xyz/
https://form.jotform.com/221885846290062

69 KB
13 KB

218ms
124ms

Document
text/html

35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2.1 /
Resource Hash: 0c973f26aa56fd5003ca94a620f5b3614a9d6701dc23569b20e36ab7fb9ecd29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
cache-hit: 1
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 20:45:25 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: CacheX v2.1
vary: Accept-Encoding
via: 1.1 google

Redirect headers

Content-Length: 237
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Feb 2023 20:45:25 GMT
Location: https://form.jotform.com/221885846290062
Server: ghs
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H2 200 default.css
cdn.jotfor.ms/stylebuilder/ 271 KB
52 KB 67ms
16ms Stylesheet
text/css 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/default.css?390b350c
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc60ee221135af6b641f19ab599019d13e79af7d3a8af4cf9318ac910c445a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 7731597
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Wed, 30 Nov 2022 09:05:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-form-cache: MISS-APP
cf-ray: 7a03c399382e9067-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 221885846290062.css
cdn.jotfor.ms/stylebuilder/ 47 KB
9 KB 214ms
163ms Stylesheet
text/css 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/221885846290062.css?themeID=59678777cf3bfe58704d6591
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389e4968243e1ad3c1522d3fa146679a6408e65162ad18d446e3e07731f3e2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Mon, 27 Feb 2023 20:45:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=3600
x-form-cache: MISS-APP
cf-ray: 7a03c39938309067-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.12.1/ 55 KB
17 KB 33ms
7ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.12.1/bundle.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/221885846290062

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://form.jotform.com/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 04 Feb 2020 11:19:05 GMT
server: Fastly
age: 7134156
etag: "1c5228c89d281d08aa0ce908f582609a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17201
expires: Thu, 07 Dec 2023 07:02:48 GMT

GET
H2 200 prototype.forms.js Show response
cdn01.jotfor.ms/static/ 126 KB
33 KB 59ms
21ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.37082
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 26 Feb 2023 17:40:31 GMT
server: cloudflare
age: 81879
etag: W/"63fb998f-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7a03c3992ab1bb9d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn02.jotfor.ms/static/ 552 KB
145 KB 52ms
16ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.37082
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bab0f6af2f9b2e30ff55ff3574d96611cd4b4d672a692c7b94c2907dbe6e175

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 26 Feb 2023 17:40:31 GMT
server: cloudflare
age: 81462
etag: W/"63fb998f-89f7b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7a03c3992b5b3659-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 punycode.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ 14 KB
5 KB 36ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/221885846290062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2092352
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4177
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNgBHUztj3c3xbjFSS1L74fSymKpUP5o0BAUm8PR%2FvPT5K3AwTOXmK9VADRFkEapzkji%2FLB3OpG1NqLGsMO%2FZVS5CZaLXwqvyHPzpEcuveMbP1hYehYvVo5CUkbF8dq8s9d3ykBzz4zniPaoBTC%2B8VK%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a03c39a5b993685-FRA
expires: Sat, 17 Feb 2024 20:45:25 GMT

GET
H2 200 paymentUtils.js Show response
cdn03.jotfor.ms/js/payments/ 27 KB
9 KB 174ms
139ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/payments/paymentUtils.js?v=3.3.37082
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6950f78b5df5f84fce7652a044dc28d7eeebd1faa53d17c0a0c5bf84bc6415b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-static: 2
date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
last-modified: Thu, 26 Jan 2023 12:53:40 GMT
server: cloudflare
etag: W/"63d277d4-6d61"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
cf-ray: 7a03c3992d0b2c22-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 square.js Show response
cdn01.jotfor.ms/js/ 58 KB
11 KB 183ms
147ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/js/square.js?v=3.3.37082
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602247c2a7c6a62787edbdd6152bd33a56235af8e6631bba37ab7b5d2d7251ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-static: 2
date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
last-modified: Tue, 13 Dec 2022 12:20:27 GMT
server: cloudflare
etag: W/"63986e0b-e651"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
cf-ray: 7a03c3992ab3bb9d-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

OTPND%20RMHC.633d8fcb105237.56217589.png
files.jotform.com/jufs/RivelloSupport/form_files/
Redirect Chain

https://www.jotform.com/uploads/RivelloSupport/form_files/OTPND%20RMHC.633d8fcb105237.56217589.png
https://files.jotform.com/jufs/RivelloSupport/form_files/OTPND%20RMHC.633d8fcb105237.56217589.png?md5=mRE-N045hjZ4kK0oZW8-sg&expires=1677530735

1 MB
1 MB

201ms
121ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/RivelloSupport/form_files/OTPND%20RMHC.633d8fcb105237.56217589.png?md5=mRE-N045hjZ4kK0oZW8-sg&expires=1677530735
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 80de600a59fab721a05d8300853c7147eb7fc3d0d90d0eab55070eac38881231

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Mon, 27 Feb 2023 20:45:25 GMT
strict-transport-security: max-age=600000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 27 Feb 2023 20:45:25 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/RivelloSupport/form_files/OTPND%20RMHC.633d8fcb105237.56217589.png?md5=mRE-N045hjZ4kK0oZW8-sg&expires=1677530735
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7a03c39aca329c0c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 CC_icon.png
cdn.jotfor.ms/assets/img/payments/ 4 KB
5 KB 15ms
15ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/CC_icon.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f4ceddebe04630fe781aadd9956883463438f1df6a6e93bbef067c1fa00699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
cf-cache-status: HIT
age: 3778891
content-length: 4545
last-modified: Thu, 10 Feb 2022 14:19:31 GMT
server: cloudflare
etag: "62051ef3-11c1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7a03c39b0a9c9067-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 square_cashApp.png
cdn.jotfor.ms/assets/img/payments/ 1 KB
1 KB 19ms
18ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/square_cashApp.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa26b4e27d0c52ce264a88a323d939b6193ffe96b66b8d592f41d729c6fe758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
cf-cache-status: HIT
age: 1555668
content-length: 1213
last-modified: Thu, 10 Feb 2022 14:19:31 GMT
server: cloudflare
etag: "62051ef3-4bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7a03c39b1aa39067-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 googlePay.png
cdn.jotfor.ms/assets/img/payments/ 1 KB
1 KB 21ms
20ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/googlePay.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd62e1811abf5572388bb4f4ef47d76dcfad942156d4eb5acdfe7d64a17e7924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
cf-cache-status: HIT
age: 3290848
content-length: 1238
last-modified: Mon, 07 Mar 2022 07:59:35 GMT
server: cloudflare
etag: "6225bb67-4d6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7a03c39b1aa49067-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apple_icon_black.png
cdn.jotfor.ms/assets/img/payments/ 546 B
654 B 14ms
13ms Image
image/png 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/apple_icon_black.png
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60462a13076bea84c6a3cbf1dd87bbc0f39c877b0f31ead3c9fd45dfb15f336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
cf-cache-status: HIT
age: 1922655
content-length: 546
last-modified: Thu, 10 Feb 2022 10:50:14 GMT
server: cloudflare
etag: "6204ede6-222"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7a03c39b1aa59067-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 layout.min.js Show response
cdn.jotfor.ms/cardforms/ 563 KB
155 KB 15ms
15ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/cardforms/layout.min.js?390b350c
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5392eaafbf2ad6e0b97924c030343f82f8c037fb8e2a8b43bd00c9bdbfb79326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Sun, 20 Nov 2022 10:30:43 GMT
server: cloudflare
age: 2051120
etag: W/"637a01d3-8ccd7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
cf-ray: 7a03c39a09399067-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ownerView.php Show response
www.jotform.com/ 0
75 B 137ms
137ms Script
text/html 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/ownerView.php?id=221885846290062
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7a03c39b1aad9c0c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 132ms
53ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Requested by

Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/221885846290062.css?themeID=59678777cf3bfe58704d6591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Feb 2023 20:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 20:37:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Feb 2023 20:45:25 GMT

GET
DATA 200
OK truncated
/ 291 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45ab83495a675c12b6ce3eabb2182563b5067df721149dc0bb33c3c9fc32464e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bef085ac7e8a6a093f26be0f257f1e9f88d59a8249b8ed9b7b678e4dc86688f8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 60ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 69379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 01:29:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 55ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://form.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 311175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 06:19:10 GMT

GET
H2 200 square.js Show response
web.squarecdn.com/v1/ 352 KB
103 KB 100ms
10ms Script
application/javascript 2600:9000:223d:a400:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/v1/square.js
Requested by: Host: cdn01.jotfor.ms
URL: https://cdn01.jotfor.ms/js/square.js?v=3.3.37082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a400:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743896b34c6671fdc6d40c2b423b8481ad9ddd47c38860f173f19c15cc29602b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Lsk4iM_X6HxlLh0dp4nOZjgAxEWTveG4
content-encoding: gzip
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 04:44:11 GMT
x-amz-cf-pop: FRA56-P3
age: 62197
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-websdk-version: 1.45.3
last-modified: Fri, 27 Jan 2023 17:36:42 GMT
server: AmazonS3
etag: W/"c0c77a2010341edca9700e0b2a67a215"
access-control-max-age: 300
x-amz-meta-md5checksum: wMd6IBA0HtypcA4LKmeiFQ==
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: 6l8q8V0dU5hAt4_okQDUEE8EsHX0WId6bUFL4BrVjT6glGpsvW2A2A==

GET
H2 204 /
events.jotform.com/form/221885846290062/ 0
172 B 164ms
133ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/221885846290062/?ref=&res=1600x1200&eventID=1677530725770_221885846290062_FViuo3S&loc=https%253A%252F%252Fform.jotform.com%252F221885846290062
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 20:45:25 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Feb 2023 15:45:25 GMT
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7a03c39c4c969c0c-FRA
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 getPublicParams Show response
api.jotform.com/payment/square/ 211 B
672 B 197ms
145ms XHR
application/json 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.jotform.com/payment/square/getPublicParams?formID=221885846290062&params=location,allowTest,showCard,showCashApp,showGooglePay,showApplePay
Requested by: Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.37082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90f559f45ec6f051be8c6a7f3e9f100fa59b10f6a198a42fcd3753d8c5e044a

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 27 Feb 2023 20:45:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Mon, 27 Feb 2023 20:45:26 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: https://form.jotform.com
cache-control: no-cache
access-control-allow-credentials: true
x-form-cache: MISS
cf-ray: 7a03c39d3ec45cb0-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 main-iframe.html Show response
web.squarecdn.com/1.45.3/ Frame C6CF 347 KB
96 KB 10ms
10ms Document
text/html 2600:9000:223d:a400:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.45.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a400:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b069f19e9732f457604daf2cece36c7acf1d08bbbe2b85ee673edc61ee21a268

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 74329
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Mon, 27 Feb 2023 00:06:38 GMT
etag: W/"70d70cad4649da4aab5ef31f2bf7440c"
last-modified: Thu, 26 Jan 2023 19:10:25 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-amz-cf-id: LCdNnZs4BPfQMvz0urXcNYWRr_szWrNEDSnvsUVtgtPf7qyKOdNXuA==
x-amz-cf-pop: FRA56-P3
x-amz-meta-md5checksum: cNcMrUZJ2kqrXvMfK/dEDA==
x-amz-meta-websdk-version: 1.45.3
x-amz-server-side-encryption: AES256
x-amz-version-id: lp6LnhjUU.l1PxTu9jAszo0xw1v023GV
x-cache: Hit from cloudfront

GET
H2 200 hydrate Show response
pci-connect.squareup.com/payments/ Frame C6CF 1 KB
1 KB 318ms
128ms Fetch
application/json 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com&locationId=L5QKJYJRZQ30W&version=1.45.3

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.45.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

5464f9b2784015e04c91c69811c1d08b194093b2c2cae99c4a4c81c36460ffdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Mon, 27 Feb 2023 20:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sq-dc: iad2b
square-version: 2018-07-12
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-speleo-traceid: BJGQEFgVjeMVW
x-sq-region: iad2b
content-length: 581
x-xss-protection: 1; mode=block
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 hydrate
pci-connect.squareup.com/payments/ Frame 0
0 362ms
103ms Preflight 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com&locationId=L5QKJYJRZQ30W&version=1.45.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://web.squarecdn.com
content-length: 0
date: Mon, 27 Feb 2023 20:45:26 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 data.js Show response
js.squareup.com/payments/ 84 KB
26 KB 452ms
195ms Script
application/javascript 76.223.91.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.squareup.com/payments/data.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.91.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

8404a6a7678c36ab3d141950926ef574e168935379d59de0d740e04e2212ae05

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 pay.js Show response
kit.cash.app/v1/ 254 KB
77 KB 155ms
26ms Script
text/javascript 2600:9000:211a:8400:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/v1/pay.js
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8400:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62e4c8cb631b74c48dd226db25ecba5a3d06e81b845f00399c797503a0220411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: LOllGfko_jCATQpjln5sU8.JwLhpiTao
content-encoding: gzip
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 05:01:37 GMT
x-amz-cf-pop: VIE50-C2
age: 56631
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.56.1
x-cache: Hit from cloudfront
last-modified: Tue, 07 Feb 2023 16:53:35 GMT
server: AmazonS3
etag: W/"c68fb9fc50604611dcaf04aebda3ac53"
access-control-max-age: 300
x-amz-meta-md5checksum: xo+5/FBgRhHcrwSuvaOsUw==
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: deW5LmrIq3Qgfiv7cR1t3DRWdr711QrQZ-Mqgqv4IGkN1jXxHd6j4w==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 115 KB
36 KB 113ms
62ms Script
application/javascript 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6830154fd8143d0de84ddc9467b398c290b0ab9dcfcae40a33b93562f2120609

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uzJ0gHQbtI5QFEfUn6ySGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uzJ0gHQbtI5QFEfUn6ySGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 27 Feb 2023 20:45:27 GMT

GET
H2 200 single-card-element-iframe.html Show response
web.squarecdn.com/1.45.3/ Frame C355 8 KB
2 KB 9ms
9ms Document
text/html 2600:9000:223d:a400:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.45.3/single-card-element-iframe.html
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a400:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 47718
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Mon, 27 Feb 2023 07:30:14 GMT
etag: W/"03e704396b83c27986cdb35eb350b127"
last-modified: Thu, 26 Jan 2023 19:10:25 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-amz-cf-id: wzergk9kVLSPIuAYl5_aUJqSdZrO7kqDOlx5m-RlBSsMXRq4h8qV4w==
x-amz-cf-pop: FRA56-P3
x-amz-meta-md5checksum: A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version: 1.45.3
x-amz-server-side-encryption: AES256
x-amz-version-id: 9YMOqnJryjULDJrtmd33Vkru7R4wVEpb
x-cache: Hit from cloudfront

POST
H2 200 token Show response
pci-connect.squareup.com/digital-wallets/google-pay/ Frame C6CF 256 B
770 B 119ms
119ms Fetch
application/json 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.45.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

ff8ccca34229b962d84cf738e7a693c14aee5e356b481d5b20ef55c1aa5b8fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sq-dc: iad2b
square-version: 2018-07-12
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-speleo-traceid: EgTKFZGDcHSPJ
x-sq-region: iad2b
content-length: 243
x-xss-protection: 1; mode=block
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 0
0 106ms
105ms Preflight 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
content-length: 0
date: Mon, 27 Feb 2023 20:45:27 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 card-wrapper.css
web.squarecdn.com/1.45.3/ 5 KB
2 KB 10ms
9ms Stylesheet
text/css 2600:9000:223d:a400:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.45.3/card-wrapper.css
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:a400:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: fSTUvXlIYy6Q5WS0KqdG3iOsoC_m1a_M
content-encoding: gzip
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 05:11:13 GMT
x-amz-cf-pop: FRA56-P3
age: 56098
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-websdk-version: 1.45.3
last-modified: Thu, 26 Jan 2023 19:10:25 GMT
server: AmazonS3
etag: W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age: 300
x-amz-meta-md5checksum: /I3t4KVd6uEyLV2AsOhIqQ==
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-type: text/css
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: 3-hqx2tWOicP4HnkEEbjJAqrp-U5j-aUgq-OvepLy23UB-I3iGknaQ==

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 1684 18 KB
8 KB 206ms
206ms Document
text/html 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cad0a01fed3246163ef3cd79d3de8f05bcc5e0d9fefe8b4ea9ce777cfbb3a9fb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-El7QnaKuejxn-uaa7U4lNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-El7QnaKuejxn-uaa7U4lNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Mon, 27 Feb 2023 20:45:27 GMT
expires: Mon, 27 Feb 2023 20:45:27 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 enclave.html Show response
kit.cash.app/1.56.1/pay/ Frame EE75 239 B
836 B 21ms
21ms Document
text/html 2600:9000:211a:8400:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/1.56.1/pay/enclave.html
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/v1/pay.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8400:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bef7a2deb614af1ffdd71e3c09588dc01d810926d370afe673c66055ebcd03c

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 300
age: 41832
cache-control: public, max-age=31536000, immutable
content-length: 239
content-type: text/html; charset=utf-8
date: Mon, 27 Feb 2023 09:08:15 GMT
etag: "645a8e670ae349f3bf812e8b36f4dedd"
last-modified: Tue, 07 Feb 2023 16:47:27 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
x-amz-cf-id: esx65HeL7G0DMp8YwypRUeONXzPeGf_6FwqrvIC1UtBMJALZL-Q5RA==
x-amz-cf-pop: VIE50-C2
x-amz-meta-md5checksum: ZFqOZwrjSfO/gS6LNvTe3Q==
x-amz-meta-version: 1.56.1
x-amz-server-side-encryption: AES256
x-amz-version-id: C12Xp1P.q_QLpMeOLAKrPV.gKW1XCPpo
x-cache: Hit from cloudfront

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
320 B 522ms
434ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&catalog_name=cap_pk_page_view&cap_pk_page_view_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_page_view_client_id=CA-CI_SQ_SELLER&cap_pk_page_view_browser_name=Chrome&cap_pk_page_view_browser_version=110.0.5481.177&cap_pk_page_view_browser_width=1600&cap_pk_page_view_browser_height=1200&cap_pk_page_view_browser_major_version=110&cap_pk_page_view_os_version=10&cap_pk_page_view_os_name=Windows&cap_pk_page_view_base_url=https%3A%2F%2Fform.jotform.com&cap_pk_page_view_device_screen_height=1200&cap_pk_page_view_device_screen_width=1600&nocache=16775307271821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a57823360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
552 B 216ms
129ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_initialization_raw=%7B%22event%22%3A%22INITIALIZATION%3A%3ASTART%22%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_initialization_status=START&catalog_name=cap_pk_initialization&nocache=16775307271832

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a57825360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 enclave.js Show response
kit.cash.app/1.56.1/pay/ Frame EE75 133 KB
40 KB 50ms
50ms Script
text/javascript 2600:9000:211a:8400:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/1.56.1/pay/enclave.js
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.56.1/pay/enclave.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:8400:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4c521c51008792afb0aa67ae4a6f6ba9a53f8b9584b1b8f4cb6768579587a16

Request headers

Referer: https://kit.cash.app/1.56.1/pay/enclave.html
Origin: https://kit.cash.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: zkQShsIoSjVoQwIOc.4zM0Z0KRAnJNIo
content-encoding: gzip
via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
date: Mon, 27 Feb 2023 03:05:25 GMT
x-amz-cf-pop: VIE50-C2
age: 63603
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.56.1
x-cache: Hit from cloudfront
last-modified: Tue, 07 Feb 2023 16:47:27 GMT
server: AmazonS3
etag: W/"9c7c4e6614e7a9af93393f2fe486bed1"
access-control-max-age: 300
x-amz-meta-md5checksum: nHxOZhTnqa+TOT8v5Ia+0Q==
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: XZKi6gcZl0HfQ80etxZO6xSCuFXpMJ34ydJlex3EUj2EyY3UJfK-DQ==

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ 0
432 B 151ms
149ms Ping
text/plain 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://form.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-sq-region: iad2b
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ Frame EE75 43 B
319 B 127ms
126ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKitEnclave&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_initialization_raw=%7B%22event%22%3A%22INITIALIZATION%3A%3AENCLAVE%22%2C%22eventData%22%3A%7B%22message%22%3A%7B%22isTrusted%22%3Atrue%7D%7D%2C%22eventSource%22%3A%22PayKitEnclave%22%7D&cap_pk_initialization_status=ENCLAVE&catalog_name=cap_pk_initialization&nocache=16775307272871

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kit.cash.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a5984b360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
315 B 139ms
139ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_initialization_raw=%7B%22event%22%3A%22INITIALIZATION%3A%3AOK%22%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_initialization_status=OK&catalog_name=cap_pk_initialization&nocache=16775307272953

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a5985e360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
318 B 128ms
127ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_event_listener_added_event_type=CUSTOMER_INTERACTION&cap_pk_event_listener_added_raw=%7B%22event%22%3A%22EVENT_LISTENER_ADDED%3A%3AOK%22%2C%22eventData%22%3A%7B%22type%22%3A%22CUSTOMER_INTERACTION%22%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_event_listener_added_status=OK&catalog_name=cap_pk_event_listener_added&nocache=16775307272974

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a5a868360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
319 B 126ms
126ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_event_listener_added_event_type=CUSTOMER_REQUEST_APPROVED&cap_pk_event_listener_added_raw=%7B%22event%22%3A%22EVENT_LISTENER_ADDED%3A%3AOK%22%2C%22eventData%22%3A%7B%22type%22%3A%22CUSTOMER_REQUEST_APPROVED%22%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_event_listener_added_status=OK&catalog_name=cap_pk_event_listener_added&nocache=16775307272975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a5a86c360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
319 B 128ms
128ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_event_listener_added_event_type=CUSTOMER_REQUEST_DECLINED&cap_pk_event_listener_added_raw=%7B%22event%22%3A%22EVENT_LISTENER_ADDED%3A%3AOK%22%2C%22eventData%22%3A%7B%22type%22%3A%22CUSTOMER_REQUEST_DECLINED%22%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_event_listener_added_status=OK&catalog_name=cap_pk_event_listener_added&nocache=16775307272976

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a5a86d360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
317 B 129ms
129ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=form.jotform.com&cap_pk_base_instance_id=b0890815-835d-49ed-9472-838e223b0a4f&cap_pk_event_listener_added_event_type=CUSTOMER_REQUEST_FAILED&cap_pk_event_listener_added_raw=%7B%22event%22%3A%22EVENT_LISTENER_ADDED%3A%3AOK%22%2C%22eventData%22%3A%7B%22type%22%3A%22CUSTOMER_REQUEST_FAILED%22%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_event_listener_added_status=OK&catalog_name=cap_pk_event_listener_added&nocache=16775307272987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a03c3a5a870360f-FRA
content-length: 56
x-xss-protection: 1; mode=block

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame C6CF 0
432 B 119ms
119ms Ping
text/plain 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.45.3/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=form.jotform.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-sq-region: iad2b
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-xss-protection: 1; mode=block

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 1684 2 KB
2 KB 119ms
118ms Other
text/html 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/221885846290062
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame 1684 156 KB
55 KB 85ms
24ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhKHMXdPIpCFmo133jX0qqG-S865g/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fform.jotform.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540363e2306a926aeca7b287e1dbafdadbee92551799f96809814b9dca439dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56135
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 12:23:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 19:06:54 GMT

GET
H2 200 frame.html Show response
connect.squareup.com/payments/data/ Frame D86D 33 KB
12 KB 386ms
112ms Document
text/html 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F221885846290062

Requested by

Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

606b778ab7d2fd5cc057e134c35368863b9d8d9eb71b9868ffa50ad1c3c68884

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
content-type: text/html
date: Mon, 27 Feb 2023 20:45:27 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
nd.squarecdn.com/2.2/w/w-952168/sync/js/ 303 KB
56 KB 470ms
114ms Script
application/javascript 99.83.176.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.squarecdn.com/2.2/w/w-952168/sync/js/

Requested by

Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.176.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab3378e3025098c17.awsglobalaccelerator.com

Software

nginx /

Resource Hash

a6cf155ac04de9999b67e2e6893e21ec2c2d5c7a5cde5db079d14b9b3d26af68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-nds-datacontractrequirement1: Placement, No matching URL placement for w-952168 at https://form.jotform.com/.
date: Mon, 27 Feb 2023 20:45:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff, nosniff
x-nds-datacontractrequirement2: Placement, Placement page number has not been detected.
server: nginx
content-encoding: gzip
x-frame-options: SAMEORIGIN, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-nds-datacontractrequirement0: Placement, Placement page has not been detected.
x-xss-protection: 1; mode=block, 1; mode=block

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ... Frame 1684 70 KB
26 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ84B5BMT0.L.B1.O/am=MAYAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriv3xorlOZ0zKzPuO97azGmR6ihUQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhKHMXdPIpCFmo133jX0qqG-S865g/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4479ea10db1acca23d53543da449668b4fe47e4082d22ad4d536a0f7b76136bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26188
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 19:06:54 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 1684 1 MB
384 KB 72ms
72ms XHR
text/html 2a00:1450:4013:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4013:c03::5c Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

150b281096c7abf37d0a3652b7bd37d8beea19b64ec6881911b07c2e6c86c4ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DZ4gXY0MUedyEHdEoxcOLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DZ4gXY0MUedyEHdEoxcOLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 27 Feb 2023 20:45:27 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ... Frame 1684 23 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ84B5BMT0.L.B1.O/am=MAYAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriv3xorlOZ0zKzPuO97azGmR6ihUQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9cde9548d6041f8e8630842d6ea107224be1c5b572c474ae45d91cc7f0e5801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9257
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 19:06:54 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ... Frame 1684 35 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.suBLg5V_lzE.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ84B5BMT0.L.B1.O/am=MAYAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriv3xorlOZ0zKzPuO97azGmR6ihUQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46656cbafa54fb4c3e60fc5b812e588048fabcaef6fb521c62ebbd10b6b9c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 265113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13482
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 19:06:54 GMT

POST
H2 200 log Show response
play.google.com/ Frame 1684 131 B
273 B 51ms
51ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 20:45:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 89ms
50ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Feb 2023 20:45:27 GMT
expires: Mon, 27 Feb 2023 20:45:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 1684 131 B
273 B 51ms
51ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 20:45:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 85ms
48ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Feb 2023 20:45:27 GMT
expires: Mon, 27 Feb 2023 20:45:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 1684 131 B
273 B 53ms
52ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 20:45:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 84ms
48ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Feb 2023 20:45:27 GMT
expires: Mon, 27 Feb 2023 20:45:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 1684 131 B
273 B 50ms
50ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 20:45:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 84ms
51ms Preflight
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 27 Feb 2023 20:45:27 GMT
expires: Mon, 27 Feb 2023 20:45:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 1684 131 B
578 B 85ms
50ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 27 Feb 2023 20:45:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Feb 2023 20:45:27 GMT

POST
H2 204 H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
squareup.com/1.0/as-reporter/csp/ Frame D86D 0
809 B 294ms
152ms Other
text/plain 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/221885846290062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.squareup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 27 Feb 2023 20:45:28 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
x-xss-protection: 1; mode=block
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: https://connect.squareup.com
access-control-expose-headers: X-Tracon-Host, X-Trogdor-Host
cache-control: no-store
access-control-allow-credentials: true
x-frame-options: DENY
cf-ray: 7a03c3aa0e61382b-FRA
access-control-allow-headers: Content-Type, X-CSRF-Token, Authorization, Accept-Encoding, Cache-Control, Origin, X-Trogdor-Csrf-Token, X-Request-Deadline, X-Allow-Cookies, X-Block-Cookies, x-kpsdk-cd, x-kpsdk-ct
vary: Accept-Encoding

POST
H2 200 token Show response
connect.squareup.com/v2/analytics/ Frame D86D 108 B
739 B 125ms
125ms XHR
application/json 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/v2/analytics/token

Requested by

Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F221885846290062

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

0761202e5a8443e15de06a58d01fb8c8a0ef8afbd2773812493efa43d556882a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fform.jotform.com%2F221885846290062
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Feb 2023 20:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sq-dc: iad2b
square-version: 2018-07-12
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-speleo-traceid: PFaJCRZCYBkdC
x-sq-region: iad2b
content-length: 126
x-xss-protection: 1; mode=block
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://connect.squareup.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 / Show response
nd.squarecdn.com/2.2/w/w-952168/init/js/ 529 B
1 KB 136ms
136ms Script
application/javascript 99.83.176.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nd.squarecdn.com/2.2/w/w-952168/init/js/?q=%7B%22e%22%3A897253%2C%22oq%22%3A%221600%3A1200%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-153472%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Fsbez.wbgsbez.pbz%2F221885846290062%22%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C0%7Cra-HF%7Coc1-q400qo6n8n86q525%7Csnyfr%7C%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F110.0.5481.177%20Fnsnev%2F537.36%7Cjt1-n46p01n68sp5740r%22%7D

Requested by

Host: nd.squarecdn.com
URL: https://nd.squarecdn.com/2.2/w/w-952168/sync/js/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.176.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ab3378e3025098c17.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5fb52f5c6baa00c4dd1c51c49c1cad092a4ce2f312a1abde9a2154634f301637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:45:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff, nosniff
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
content-length: 529
x-xss-protection: 1; mode=block

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ 0
432 B 120ms
119ms Ping
text/plain 13.248.205.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.205.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad42d0847b05b89b1.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://form.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Mon, 27 Feb 2023 20:45:28 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://form.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-sq-region: iad2b
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jotform.com/	1970-01-20 10:42:02	Name: JOTFORM_SESSION Value: p852p27gevp5rqifo01nmli2e0
.jotform.com/	1970-01-20 10:39:06	Name: userReferer Value: https%3A%2F%2Fform.jotform.com%2F
.jotform.com/	1970-01-20 10:39:06	Name: theme Value: tile-black
.jotform.com/	1970-01-20 10:39:06	Name: guest Value: guest_1c1e2118db7d57ba
.squareup.com/	1970-01-20 19:34:50	Name: _savt Value: 4b8bfdce-f84f-4f3c-a125-dcbc7f5ebe16
.google.com/	1970-01-20 14:22:21	Name: NID Value: 511=XP6j5qX21Dm5Jm5MwNF9q4cO8oM2kgFFIdneTexYX1ZyVRZOcHmZxGu2EYdnDl8tx-7xaWEl1Rwq5ss4ojCCWinhstNkT7HrCVuoWeQhmZQ4CO5QbTVdTwn84j3WxZyrlFDnFleOoQAq4QzxCHyIns-r_50lQiFOG3RRyBV-3Gc
.api.squareup.com/	1970-01-20 09:58:52	Name: __cf_bm Value: zXhlDB6Ug7eRRjWZA7KJYcz6WMKrdqu39qIxwN7ZYDY-1677530727-0-AbAwqzoiHyIzQ0u8nUqffsrAqvvncAXfPlEfhGMFZV6TclaBAZXSx8ZWgvWsAfIolpVjknPdjZwx5QyoQUCxwcg=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.jotform.com
api.squareup.com
browser.sentry-cdn.com
cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
connect.squareup.com
events.jotform.com
files.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
js.squareup.com
kit.cash.app
nd.squarecdn.com
pay.google.com
pci-connect.squareup.com
play.google.com
rmhc.otpnation.xyz
squareup.com
web.squarecdn.com
www.gstatic.com
www.jotform.com
13.248.205.93
162.159.137.66
2600:9000:211a:8400:1d:940e:c980:93a1
2600:9000:223d:a400:13:4005:e4c0:93a1
2606:4700:10::6816:4851
2606:4700:10::6816:4951
2606:4700:10::ac43:76b
2606:4700:11::6817:860b
2606:4700::6811:180e
2a00:1450:4001:80e::2003
2a00:1450:4001:830::200e
2a00:1450:400d:807::2013
2a00:1450:400d:80c::200a
2a00:1450:4013:c03::5c
2a04:4e42:400::729
35.190.41.132
35.201.118.58
76.223.91.57
99.83.176.153
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
0761202e5a8443e15de06a58d01fb8c8a0ef8afbd2773812493efa43d556882a
0c973f26aa56fd5003ca94a620f5b3614a9d6701dc23569b20e36ab7fb9ecd29
150b281096c7abf37d0a3652b7bd37d8beea19b64ec6881911b07c2e6c86c4ec
389e4968243e1ad3c1522d3fa146679a6408e65162ad18d446e3e07731f3e2bb
3bab0f6af2f9b2e30ff55ff3574d96611cd4b4d672a692c7b94c2907dbe6e175
41f4ceddebe04630fe781aadd9956883463438f1df6a6e93bbef067c1fa00699
4479ea10db1acca23d53543da449668b4fe47e4082d22ad4d536a0f7b76136bf
45ab83495a675c12b6ce3eabb2182563b5067df721149dc0bb33c3c9fc32464e
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5392eaafbf2ad6e0b97924c030343f82f8c037fb8e2a8b43bd00c9bdbfb79326
540363e2306a926aeca7b287e1dbafdadbee92551799f96809814b9dca439dfd
5464f9b2784015e04c91c69811c1d08b194093b2c2cae99c4a4c81c36460ffdf
591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308
5fb52f5c6baa00c4dd1c51c49c1cad092a4ce2f312a1abde9a2154634f301637
602247c2a7c6a62787edbdd6152bd33a56235af8e6631bba37ab7b5d2d7251ce
606b778ab7d2fd5cc057e134c35368863b9d8d9eb71b9868ffa50ad1c3c68884
62e4c8cb631b74c48dd226db25ecba5a3d06e81b845f00399c797503a0220411
6830154fd8143d0de84ddc9467b398c290b0ab9dcfcae40a33b93562f2120609
6950f78b5df5f84fce7652a044dc28d7eeebd1faa53d17c0a0c5bf84bc6415b8
6bef7a2deb614af1ffdd71e3c09588dc01d810926d370afe673c66055ebcd03c
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
743896b34c6671fdc6d40c2b423b8481ad9ddd47c38860f173f19c15cc29602b
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
80de600a59fab721a05d8300853c7147eb7fc3d0d90d0eab55070eac38881231
81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e
8404a6a7678c36ab3d141950926ef574e168935379d59de0d740e04e2212ae05
a6cf155ac04de9999b67e2e6893e21ec2c2d5c7a5cde5db079d14b9b3d26af68
b069f19e9732f457604daf2cece36c7acf1d08bbbe2b85ee673edc61ee21a268
b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50
bef085ac7e8a6a093f26be0f257f1e9f88d59a8249b8ed9b7b678e4dc86688f8
c60462a13076bea84c6a3cbf1dd87bbc0f39c877b0f31ead3c9fd45dfb15f336
cad0a01fed3246163ef3cd79d3de8f05bcc5e0d9fefe8b4ea9ce777cfbb3a9fb
cd62e1811abf5572388bb4f4ef47d76dcfad942156d4eb5acdfe7d64a17e7924
d46656cbafa54fb4c3e60fc5b812e588048fabcaef6fb521c62ebbd10b6b9c07
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
daa26b4e27d0c52ce264a88a323d939b6193ffe96b66b8d592f41d729c6fe758
dcc60ee221135af6b641f19ab599019d13e79af7d3a8af4cf9318ac910c445a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c521c51008792afb0aa67ae4a6f6ba9a53f8b9584b1b8f4cb6768579587a16
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f90f559f45ec6f051be8c6a7f3e9f100fa59b10f6a198a42fcd3753d8c5e044a
f9cde9548d6041f8e8630842d6ea107224be1c5b572c474ae45d91cc7f0e5801
ff8ccca34229b962d84cf738e7a693c14aee5e356b481d5b20ef55c1aa5b8fad

form.jotform.com Open in urlscan Pro 35.201.118.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

68 %IPv6

11 Domains

25 Subdomains

19 IPs

5 Countries

2762 kBTransfer

6390 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

form.jotform.com Open in urlscan Pro
35.201.118.58 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

68 %
IPv6

11
Domains

25
Subdomains

19
IPs

5
Countries

2762 kB
Transfer

6390 kB
Size

7
Cookies

66 HTTP transactions
4 data transactions