urlscan.io logo urlscan.io
SecurityTrails logo

squareup.com Open in urlscan Pro
151.101.129.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F/1/0101017ba22d...
Effective URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Submission: On September 01 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 9 domains to perform 81 HTTP transactions. The main IP is 151.101.129.49, located in United States and belongs to FASTLY, US. The main domain is squareup.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 3rd 2021. Valid for: a year.
This is the only time squareup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.38.88.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-88-225.us-west-2.compute.amazonaws.com
wcssssxs.r.us-west-2.awstrack.me
3    151.101.129.49 (United States)

ASN54113 (FASTLY, US)
squareup.com
9    74.122.189.136 (Ashburn, United States)

ASN15211 (SQUARE, US)
js.squareup.com
pci-connect.squareup.com
4    2600:9000:2240:ee00:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
web.squarecdn.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    151.101.193.49 (United States)

ASN54113 (FASTLY, US)
invoice-frontend-production-f.squarecdn.com
3    18.66.97.97 (United States)

ASN16509 (AMAZON-02, US)
d1g145x70srn7h.cloudfront.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.112.26 (United States)

ASN16509 (AMAZON-02, US)
dl6rt3mwcjzxg.cloudfront.net
2    74.122.189.133 (Ashburn, United States)

ASN15211 (SQUARE, US)
PTR: api.iad1.squareup.com
api.squareup.com
4    2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    74.122.189.132 (Ashburn, United States)

ASN15211 (SQUARE, US)
connect.squareup.com
2    99.83.176.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab3378e3025098c17.awsglobalaccelerator.com
nd.squarecdn.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
14    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Domain Requested by
17 invoice-frontend-production-f.squarecdn.com squareup.com
16 play.google.com www.gstatic.com
12 www.gstatic.com squareup.com
pay.google.com
www.gstatic.com
7 pci-connect.squareup.com web.squarecdn.com
4 pay.google.com web.squarecdn.com
pay.google.com
www.gstatic.com
4 web.squarecdn.com squareup.com
web.squarecdn.com
3 www.google-analytics.com www.googletagmanager.com
invoice-frontend-production-f.squarecdn.com
www.gstatic.com
3 d1g145x70srn7h.cloudfront.net invoice-frontend-production-f.squarecdn.com
web.squarecdn.com
3 squareup.com invoice-frontend-production-f.squarecdn.com
2 nd.squarecdn.com js.squareup.com
nd.squarecdn.com
2 connect.squareup.com js.squareup.com
connect.squareup.com
2 api.squareup.com
2 js.squareup.com squareup.com
web.squarecdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com squareup.com
1 dl6rt3mwcjzxg.cloudfront.net invoice-frontend-production-f.squarecdn.com
1 www.googletagmanager.com squareup.com
1 wcssssxs.r.us-west-2.awstrack.me 1 redirects
81 18

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
support.apple.com
www.microsoft.com
Subject Issuer Validity Valid
squareup.com
Entrust Certification Authority - L1K		 2021-05-03 -
2022-05-02		 a year crt.sh
*.squareup.com
Entrust Certification Authority - L1K		 2020-11-13 -
2021-11-30		 a year crt.sh
web.squarecdn.com
Amazon		 2021-06-01 -
2022-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.squarecdn.com
Entrust Certification Authority - L1K		 2021-02-04 -
2022-02-15		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
nd.squarecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Frame ID: 5B5EE5BA48416ACAA572B5BBD19D09DA
Requests: 42 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Frame ID: E9F30625FE81ECDF988CE2FF982F3AC9
Requests: 4 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.10.0/single-card-element-iframe.html
Frame ID: 29FA39F1994346DB785CDE776A0329D0
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
Frame ID: 98ACA05F68C7DDF36454CB631A6D1F95
Requests: 16 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F
Frame ID: 80921087C4927B0C55A96DCB8BC25043
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Frame ID: FFB55A49290D4EED463039CC0DB5E704
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Square - Invoice - 60966credit cardSquare

Page URL History Show full URLs

  1. https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChAiO-c1n_2Nh42O1BMix7JAEP... HTTP 302
    https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

81
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

18
Subdomains

18
IPs

3
Countries

1750 kB
Transfer

6215 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F/1/0101017ba22d2d9f-75b8e549-1336-4b81-880a-fa8a0f5387c1-000000/XdONKXQoRfARZRBAPGgZmJycYdQ=233 HTTP 302
    https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Redirect Chain
  • https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F/1/0101017ba22d2d9f-75b8e549-1336-4b81-880a-fa8a0f5387c1-000000/XdONKXQoRfA...
  • https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99aa41ddd98912ea325a7dbfc0d4d36f8969258ff616cc1ddc9a42e27f9e380a
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload

Request headers

:method
GET
:authority
squareup.com
:scheme
https
:path
/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
text/html
last-modified
Wed, 18 Aug 2021 17:21:33 GMT
etag
W/"611d419d-4ac1"
x-square
S=aia502.sjc2b.square
content-encoding
gzip
strict-transport-security
max-age=631152000; includeSubDomains; preload
accept-ranges
bytes
date
Wed, 01 Sep 2021 16:45:20 GMT
via
1.1 varnish
x-served-by
cache-bma1661-BMA
x-cache
MISS
x-cache-hits
0
x-timer
S1630514720.677463,VS0,VE679
vary
Accept-Encoding
set-cookie
squareGeo=SE-Z; path=/; SameSite=Strict; Secure; max-age=2419200

Redirect headers

Date
Wed, 01 Sep 2021 16:45:18 GMT
Location
https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Content-Length
0
Connection
keep-alive
paymentform
js.squareup.com/v2/ 		162 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.squareup.com/v2/paymentform
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
937fb2c7998645ab86f885f9d89d67692b61a6e81b360b3ca9bfc1828a3f6b76
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 16:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 UTC
square.js
web.squarecdn.com/v1/ 		262 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ee00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1245e389a55a8c3b1b7762dd9b6d92ae09f575c0ac77925f7af190d874b04c12

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
bNasq_fEqMD5W.OszEeEuqxBcHddCWBk
content-encoding
gzip
etag
W/"513e41497e45c70576e164d814812c71"
age
31975
x-cache
Hit from cloudfront
x-amz-meta-websdk-version
1.10.0
access-control-allow-origin
*
last-modified
Fri, 27 Aug 2021 19:25:55 GMT
server
AmazonS3
date
Wed, 01 Sep 2021 07:52:26 GMT
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
4LEW73xC9RVAxmkDNbR9kXozMOL4IEezlIU_456bPRXY3iTlLHtebw==
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-118441582-1
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e615474ffad917e5ff38be33f15337599ac00a865b5ce950ba93b2b83bb4419b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 16:45:20 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41275
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 15:38:29 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Sep 2021 16:45:20 GMT
intl.min-2d83656b91128d68eeecfd97b9dd79af.js
invoice-frontend-production-f.squarecdn.com/assets/intl/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/intl.min-2d83656b91128d68eeecfd97b9dd79af.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dc807ac569dc6c1b8e3769e4702ec99032b57e8745161e0c603e3de63a3d92b

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
LKiacNsLRdLCWkg6Mh9jE0QoYiU5NPz1
content-encoding
gzip
etag
"1eb138d03f3f9d71adfd25d8ee710a42"
age
886430
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
20MWX7A58953WNDH
x-amz-id-2
U80CYsqTlDvn+HbaD34czeJjgc4dot24ouay1KJss5fGKWJ7OyEHtFy5YxI1ECy7oIolR+cNvpA=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630514720.497718,VS0,VE2
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
13713
x-cache-hits
1
en-au-0222577690c4a3aacb2fba5cd9537df3.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-au-0222577690c4a3aacb2fba5cd9537df3.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d964f5084cc7b238b22a616d0abe1b13ed3c1a3c53761667d9c5e7fe241dfcda

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
.J2IyFsZz4S8relwz8eCzdX5MKY26v9o
content-encoding
gzip
etag
"0fcd4bc76845af88bec21978b6e07ba7"
age
558130
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
57ZGS1D975X96ZH8
x-amz-id-2
6Ol3J6J/BlObhS2tWEd/uzH8rHfGqNni1eqo0xcaA33dm5hR57jluZM7iTGULycJGzyxciPFEvY=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.497703,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
3920
x-cache-hits
1
en-ca-e078e768a62418f0d77cb6df0371bf01.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-ca-e078e768a62418f0d77cb6df0371bf01.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dd21fcd4cb667e8609e0044091df3b7a1a8bb6108aa8ed9e76940bc331f6cc8

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
2w7iksU8p8i6f69AXBa_CGJkkxAI7hqw
content-encoding
gzip
etag
"8b02c05077b3214d45c7656dac095fc6"
age
558130
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
57ZV6FSC5Z13C6ZW
x-amz-id-2
I5Kh1XKqY6AW4PkMYqXK1dDbkaNPiLNCmTWcUFZfKCygnf5QWXk0H1Ip5GES1DWurGLS3K8o5Tc=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.468408,VS0,VE3
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
4065
x-cache-hits
1
en-gb-cc40e0bbbd261889065a18b1b5a714d5.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-gb-cc40e0bbbd261889065a18b1b5a714d5.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71f21c5270b3632c61ca8bfdc02e5f40201ec17a284dc8c9e446565756ed3b51

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
Nky118mOCm_3q11Cu36Qbp2ZJjIUfkeo
content-encoding
gzip
etag
"a53375f97256f0fae94bb68c931c8aaa"
age
606164
via
1.1 varnish
x-cache
HIT
content-length
4064
x-amz-id-2
AzOE+bfBlnN3KdnCGbBA9HHfTkOe0R5+tzrcFrHMa3b122g/aKFZxIL0XsHvvRMSFUHc1IIFgt8=
x-served-by
cache-bma1675-BMA
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.497755,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
44J35YHYSJGANEW5
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-ie-5cc058c1184e64e6e77a7227427ff0d0.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-ie-5cc058c1184e64e6e77a7227427ff0d0.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2158fad11f0c3cea49561e18953e14c573a87d9b365e70acf6697fc90041a3

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
YJ.dManu.nWS9XsfJjwTEBZdSKi.NAba
content-encoding
gzip
etag
"26e1307a2d7f527f34919bdfc580a100"
age
606163
via
1.1 varnish
x-cache
HIT
content-length
4067
x-amz-id-2
zm8v4zJ//CesvKnJaVBGZK7UjC8AeNiX3s1T8e4V9v36SOtLV0uuPwwnBKbWYZZDuCLOJFOxwnQ=
x-served-by
cache-bma1675-BMA
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.497731,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
44J8ERGAP57TTK7B
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-4117b0703b724e538ca3fe317aafd96b.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-4117b0703b724e538ca3fe317aafd96b.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
872ec2095f32e3b178d26ef41f302765414919e49a097fd24430a40481d2981e

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
TXoZf0Z2nxxvUYPGGSUV1liu9szOc62c
content-encoding
gzip
etag
"9055c30a3384e3d28d133eb6effb0c8c"
age
575344
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
9K99HSMQCMXDG7BV
x-amz-id-2
1eXaHOGa5e2GkcTlJUToskgCUNefMOBXsvlXx4Ts8Oe0Wtze5G2iaTu/3H8BmLrchR9r2k4a444=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.497773,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
4052
x-cache-hits
1
es-3453aba256d274692a0decf86dd0b767.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/es-3453aba256d274692a0decf86dd0b767.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d1777861ce46fe973eca93898a963d05ec97a6022dac22e20ccfe7d75a6cb90

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
SoD0OQFiJ4nCdN5Acj6Nj9SbHXOaxo6f
content-encoding
gzip
etag
"a2697dd96efa4a7dc3d34eeba344d060"
age
558130
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
57ZPMYRQ9XZSZG2H
x-amz-id-2
slIc4tQ5DbcNrVxWZcSz+LTEt/rDBlWZ02V+nMrc9TzIaF70luU3KvOfjur7YkaFtD/KemNHryQ=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.468369,VS0,VE2
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
3985
x-cache-hits
1
fr-ca-a883be91bb2b04ab366d130114068172.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/fr-ca-a883be91bb2b04ab366d130114068172.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5281b4c1f5c2381c845d65e1040c32aee00266f38125fffb5401224134e7cdb7

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
9BCoMTGpkeWrMqjYQjlruI0sWxs86Z7d
content-encoding
gzip
etag
"1d6bf742de9b055b4132d218e101cb98"
age
606164
via
1.1 varnish
x-cache
HIT
content-length
4164
x-amz-id-2
srxFZIVU9Qo3F6dnZDegX8il3NxqfB6YXIfngHMgavQTMx7JyNz3WO8f544EuCUgchLTUNJ37tU=
x-served-by
cache-bma1675-BMA
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.468387,VS0,VE2
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
44JFC8C2BXDYTNFG
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
ja-5f9fa9420ef1f4cbf31c2b5b7b66f688.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ja-5f9fa9420ef1f4cbf31c2b5b7b66f688.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eda6f7f1f9691bec0b6a4efa87c38c53e2692ffe1d9e3059f1d4883183468ba9

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
MCNlZjCzIHeMJiRQJAkKDCUOUBeMD5wg
content-encoding
gzip
etag
"cb2e9ee6287b089d89919bee02da8b37"
age
606163
via
1.1 varnish
x-cache
HIT
content-length
3048
x-amz-id-2
WeonIa/CrryMFh7HHjRFrFdZECmsTAkeOUCQrxPJmHKLWo4CPxjL8Y9ln2X9Bwqj6AC0h0SwmP0=
x-served-by
cache-bma1675-BMA
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.468350,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
44J3K6CW3C5BPKBS
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
clinton-c7f65054fa7ff58196da3fb8d199c85d.css
invoice-frontend-production-f.squarecdn.com/assets/styles/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/styles/clinton-c7f65054fa7ff58196da3fb8d199c85d.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
924fdd63a0ad04c23bff8f8ea428daab48d4bdc133e0c5b97c3dc1cb86feeeea

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
ObmfHRVjTdoaZTDNGefAkVvfssBsDtfD
content-encoding
gzip
etag
"73dc7f765387bf7601caf82010330753"
age
606165
via
1.1 varnish
x-cache
HIT
content-length
7195
x-amz-id-2
h+xmw/kEV3fVgt8VbTQnA2FbRK5+gsd1tsF9bk49gzSCPo+pzm0lkwJaOrN9KlKln7dxVW/s1uE=
x-served-by
cache-bma1675-BMA
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.468125,VS0,VE2
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
95FDT73W96E8CZE4
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
vendor-d53856c17b0acac57e92e43fc84346a7.css
invoice-frontend-production-f.squarecdn.com/assets/ 		106 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/vendor-d53856c17b0acac57e92e43fc84346a7.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77c2e42d42a15c3d7eca6751c19a048904ceb6031a46c63b263507337751b03c

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
eL5CPo0J4seuCB4RVgtx2FSX4dCcEzv0
content-encoding
gzip
etag
"df3f511451a6a24723f86ea54028f4b0"
age
117533
via
1.1 varnish
x-cache
HIT
content-length
101
x-amz-id-2
ofFKPVAo5EJGXuX5BBAJsCQjvXE2XUEr+aBPHN6xyCi+cMkG8rsPgXbFbZjnM3FdZBszQh5Tl88=
x-served-by
cache-bma1675-BMA
last-modified
Mon, 30 Aug 2021 14:46:21 GMT
server
AmazonS3
x-timer
S1630514720.468127,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
8K21M6WSGDZ8E5S8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
invoice-frontend-production-f.squarecdn.com/assets/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5d4d3d96ea4d5f528b3ab87a30644763579970d28eade203ec3635c35561fd7

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
0ao8r1zGf_pjndiLMUW5kEnVtaQ8qJZ2
content-encoding
gzip
etag
"2b1627443f1fc8a42e0574b595aa0586"
age
606164
via
1.1 varnish
x-cache
HIT
content-length
8008
x-amz-id-2
LOG4xfhTvMXmUXiclfV7/bFJ2gYdb6Qque5qv7SubLZOwYkyTYZNAIL5Jk6+/fwl2RnvppaxOuA=
x-served-by
cache-bma1675-BMA
last-modified
Wed, 25 Aug 2021 01:34:56 GMT
server
AmazonS3
x-timer
S1630514720.468418,VS0,VE1
date
Wed, 01 Sep 2021 16:45:20 GMT
x-amz-request-id
44J8P4NE6J8CG44C
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
vendor-c0a3b3789a118ee4565a23143223427c.js
invoice-frontend-production-f.squarecdn.com/assets/ 		2 MB
448 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0e12af487b1dbea88322f3a67504be9e5f8734f7ebe069e8a719cb8dcd59d8c

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
kZRIeGMRoagU2lja6.0ifSWBnIFkQwO9
content-encoding
gzip
etag
"5e08cbfb3cbaf91ff8fb00a2fb0104ea"
age
886430
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
20MMTEHXZC2B32AR
x-amz-id-2
h1BRXFJ+bcbI3GbYNFwJzQ6T1QTyogrxg6vsjQQmFZgZPBi1wS9IEeHUztYLDL5wYEfiCsE3Tu4=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 18 Aug 2021 17:21:36 GMT
server
AmazonS3
x-timer
S1630514720.497748,VS0,VE4
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
458301
x-cache-hits
1
invoice-fe-7df0a6bdf8cadc9fd2d2814c7eccd6f2.js
invoice-frontend-production-f.squarecdn.com/assets/ 		807 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-7df0a6bdf8cadc9fd2d2814c7eccd6f2.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fbd9205596cd9c4fae3017cfbcd22394138c8253415926fbc7ba060227ca35a

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
rptUG41YRqeNgma9P1cq08.AG3pe.HkF
content-encoding
gzip
etag
"64a2a48b54c6494b0a710d449070f2d9"
age
564855
via
1.1 varnish
x-cache
HIT
access-control-max-age
3000
x-amz-request-id
K3J4JM333SQNJHME
x-amz-id-2
jQy80bv1XPMGQzw1jUUtmRwbwtZmg5qMicQqJvC5JRJnHmsgP9vXWsCMKCbxkG5QM9JLuQlTjHQ=
x-served-by
cache-bma1675-BMA
accept-ranges
bytes
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630514720.468340,VS0,VE2
date
Wed, 01 Sep 2021 16:45:20 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
content-length
144774
x-cache-hits
1
print-41d0042198e988da1a5623fc418eb313.css
invoice-frontend-production-f.squarecdn.com/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/print-41d0042198e988da1a5623fc418eb313.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cc58116c96c356881f7d2aaf68215d18ec3f583486fa3e4c25b56f3fc06bacb

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
91niJ4r9LGDcxhcxaLNzgYZKGyLjeg9X
content-encoding
gzip
etag
"6fe5863a03b7539561e04bbb37eba416"
age
117534
via
1.1 varnish
x-cache
HIT
content-length
779
x-amz-id-2
TraRKdziPqWeZwMxkwrwSwwb0woHiE6uDrJwh3g8bdt4l8XVO1u9Mxo+oSp7pL734bQenjD1ILo=
x-served-by
cache-bma1675-BMA
last-modified
Mon, 30 Aug 2021 14:46:21 GMT
server
AmazonS3
x-timer
S1630514721.009825,VS0,VE1
date
Wed, 01 Sep 2021 16:45:21 GMT
x-amz-request-id
8K26SK52MBEKTPR6
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d821f6cc288a061d009f64f53e24908fe006c3307dff1410a516ee8edf1a91cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sqmarket-medium.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-medium.woff2
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7

Request headers

Origin
https://squareup.com
Referer
https://invoice-frontend-production-f.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
kv.0reKcZpdvzDTj2XEiMO_1vJk6WDBB
Via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68d.cloudfront.net (CloudFront)
ETag
"2344124773c71bf4fa4ad407e7c3a467"
Age
39156
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
30768
Last-Modified
Mon, 24 Aug 2015 16:41:39 GMT
Server
AmazonS3
Date
Wed, 01 Sep 2021 05:52:45 GMT
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
t1gKvLyDY5zjWCqkfVyjwH8S98F5QSKyFADWjW_2wOreNTzChUlbfg==
sqmarket-regular.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-regular.woff2
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7

Request headers

Origin
https://squareup.com
Referer
https://invoice-frontend-production-f.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
CcLixdUV9eg1iOIXvMg.HaT5aV.S.lWh
Via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
ETag
"84eba500a4ec29ccfadf1e9bff16b67f"
Age
76395
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29044
Last-Modified
Mon, 24 Aug 2015 16:41:41 GMT
Server
AmazonS3
Date
Tue, 31 Aug 2021 19:34:26 GMT
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-P2
Accept-Ranges
bytes
X-Amz-Cf-Id
8D-ErfIOaLE7dF8WKi90n1TrbDwIcjjYdcWv0uYRQDolT6M8ivQ0Tg==
GetInvoice
squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/GetInvoice
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b30ce50eb1cf665070fbea0e46a477ce6169c5da11f5853faf41553185d55fea
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://squareup.com
accept-encoding
gzip, deflate, br
x-csrf-token
undefined
accept-language
en-US
sec-fetch-dest
empty
cookie
squareGeo=SE-Z; _savt=46ca54a7-e185-436e-8ba9-bf1372da1742
content-length
36
:path
/services/squareup.invoice.frontend.InvoiceFrontendService/GetInvoice
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf
accept
application/x-protobuf
cache-control
no-cache
:authority
squareup.com
referer
https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
:scheme
https
sec-fetch-site
same-origin
:method
POST
accept
application/x-protobuf
Referer
https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf

Response headers

strict-transport-security
max-age=631152000; includeSubDomains; preload
via
1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
content-transfer-encoding
binary
content-disposition
inline
x-square
S=apa558.sjc2b.square
x-request-id
4c0f7709-8faa-4992-bec4-232aa9994d19
x-served-by
cache-bma1661-BMA
referrer-policy
strict-origin-when-cross-origin
x-timer
S1630514721.226713,VS0,VE737
etag
W/"b30ce50eb1cf665070fbea0e46a477ce"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/x-protobuf
x-xss-protection
1; mode=block
cache-control
private
set-cookie
squareGeo=SE-Z; path=/; SameSite=Strict; Secure; max-age=2419200
accept-ranges
bytes
date
Wed, 01 Sep 2021 16:45:21 GMT
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118441582-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4382
date
Wed, 01 Sep 2021 15:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 01 Sep 2021 17:32:19 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1423531858&t=pageview&_s=1&dl=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F&ul=en-us&de=UTF-8&dt=Square&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1294134501&gjid=997430341&cid=481243311.1630514721&tid=UA-118441582-1&_gid=1630665270.1630514721&_r=1&gtm=2ou8u0&z=1222917005
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Sep 2021 16:45:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://squareup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
LogView
squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/ 		2 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/LogView
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb8da7eb5b1b399e7321179dac9e9f65773d7331e1e30554e3911e4325e1ef19
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://squareup.com
accept-encoding
gzip, deflate, br
x-csrf-token
undefined
accept-language
en-US
sec-fetch-dest
empty
content-length
38
:path
/services/squareup.invoice.frontend.InvoiceFrontendService/LogView
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf
accept
application/x-protobuf
cache-control
no-cache
:authority
squareup.com
referer
https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
:scheme
https
sec-fetch-site
same-origin
:method
POST
accept
application/x-protobuf
Referer
https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf

Response headers

strict-transport-security
max-age=631152000; includeSubDomains; preload
via
1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
content-transfer-encoding
binary
content-disposition
inline
x-square
S=apa558.sjc2b.square
x-request-id
cb910473-44b5-4c0f-84fd-49c10906f92d
x-served-by
cache-bma1661-BMA
referrer-policy
strict-origin-when-cross-origin
x-timer
S1630514722.071436,VS0,VE555
etag
W/"fb8da7eb5b1b399e7321179dac9e9f65"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/x-protobuf
x-xss-protection
1; mode=block
cache-control
private
set-cookie
squareGeo=SE-Z; path=/; SameSite=Strict; Secure; max-age=2419200
accept-ranges
bytes
date
Wed, 01 Sep 2021 16:45:22 GMT
x-cache-hits
0
main-iframe.html
web.squarecdn.com/1.10.0/ Frame E9F3 		272 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ee00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09f6b6ff98dc14e11eefaab855cbd2ae6f7782207f00d2a569c8e5990695381d

Request headers

:method
GET
:authority
web.squarecdn.com
:scheme
https
:path
/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html
date
Wed, 01 Sep 2021 03:33:17 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-max-age
300
last-modified
Mon, 23 Aug 2021 19:39:17 GMT
etag
W/"3f57e302192d022fff3c61e1f3f1d501"
cache-control
public, max-age=300
x-amz-meta-websdk-version
1.10.0
x-amz-version-id
cFXuyN7P1Tzlkgmy0PoIay15bX45f_bq
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
nV8_tMjTrFlE0ewDAAKo5juWk83xNeEfEM23EK1WWgkhMQuHNiGLwQ==
age
47525
sqmarket-medium.woff
dl6rt3mwcjzxg.cloudfront.net/assets/sqmarket/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl6rt3mwcjzxg.cloudfront.net/assets/sqmarket/sqmarket-medium.woff
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/styles/clinton-c7f65054fa7ff58196da3fb8d199c85d.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c21de5d72e7f034a98612525e4718c3cd06192c7aa5ca9993ed378a86325738

Request headers

Origin
https://squareup.com
Referer
https://invoice-frontend-production-f.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 27 Aug 2021 08:57:26 GMT
Via
1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
Age
460077
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43576
Last-Modified
Fri, 10 May 2013 00:48:12 GMT
Server
AmazonS3
ETag
"c64563fa4880c7ef6488f3bb459d61b6"
Vary
Origin
Access-Control-Allow-Methods
GET
x-amz-version-id
null
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
X-Amz-Cf-Pop
FRA56-P5
Accept-Ranges
bytes
Content-Type
application/font-woff
X-Amz-Cf-Id
zfI1nb6lSohRYs_BlWs2Si2rMMGXK2D1dvnNrqvhY5FQNxLonqBhpQ==
Expires
Sat, 10 May 2014 06:48:11 GMT
merchant-logo-white-b1a05e2c6c98ce5ee7db2e2fb156b711.png
invoice-frontend-production-f.squarecdn.com/assets/images/ 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/images/merchant-logo-white-b1a05e2c6c98ce5ee7db2e2fb156b711.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0eaf26cdf05c1f7ae84506a0adea5793de9dd86f8b03ef0ac747080195e6071

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
h2NWT0JWYsUB8Jc0THeQC.nIMLuzIGfe
via
1.1 varnish
etag
"b1a05e2c6c98ce5ee7db2e2fb156b711"
age
862943
x-cache
HIT
content-length
667
x-amz-id-2
LI+jzZliXBVAiHkyBsi0me9EoQgQt9j9BDy/Y5ExtVoADP2+maqd5nzELcU3/BEhmaGOUsSBq1A=
x-served-by
cache-bma1681-BMA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630514722.286228,VS0,VE1
date
Wed, 01 Sep 2021 16:45:22 GMT
x-amz-request-id
Z37T63PSTPQ9K4E8
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
image/png
x-cache-hits
1
merchant-logo-ultra-dark@2x-abbed05e11ae442c36aac15d1e5de6bf.png
invoice-frontend-production-f.squarecdn.com/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/images/merchant-logo-ultra-dark@2x-abbed05e11ae442c36aac15d1e5de6bf.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb954d9033effc162fed52e5107b8ead563e00f5da5df86e327b083ca4447844

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
5tVKm5NpBCry_wzlr13Srywe0d2tH85H
via
1.1 varnish
etag
"abbed05e11ae442c36aac15d1e5de6bf"
age
862943
x-cache
HIT
content-length
1956
x-amz-id-2
ApPaWhlYQjXj3zvGO7HAQOtoLozazWYdlZ7pfzUPYpgp5CsoWtcjE8MbcwhGMeGKK5yFp7LRBbo=
x-served-by
cache-bma1681-BMA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630514722.286456,VS0,VE3
date
Wed, 01 Sep 2021 16:45:22 GMT
x-amz-request-id
Z37YH47ZR5HXKWGZ
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
image/png
x-cache-hits
85
pixel_tracking
api.squareup.com/2.0/log/ 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.squareup.com/2.0/log/pixel_tracking?app_name=invoice-fe&u_library_name=js%2Feventstream&u_library_version=2.4.2&webpage_path=%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F&webpage_referrer=&webpage_title=&webpage_search=&webpage_full_url=https%3A%2F%2Fsquareup.com%2F%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F&webpage_base_url=https%3A%2F%2Fsquareup.com&browser_name=Chrome&browser_version=92.0.4515.159&browser_major_version=92&os_name=Windows&os_version=10&device_screen_height=1200&device_screen_width=1600&browser_height=1200&browser_width=1600&catalog_name=page_view&page_view_description=Invoices%3A%20Pay%20Page&nocache=16305147221921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.133 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
api.iad1.squareup.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 16:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
frame-options
DENY
x-frame-options
DENY
content-type
image/gif
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
content-length
56
x-xss-protection
1; mode=block
pixel_tracking
api.squareup.com/2.0/log/ 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.squareup.com/2.0/log/pixel_tracking?app_name=invoice-fe&u_library_name=js%2Feventstream&u_library_version=2.4.2&webpage_path=%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F&webpage_referrer=&webpage_title=&webpage_search=&webpage_full_url=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F&webpage_base_url=https%3A%2F%2Fsquareup.com&browser_name=Chrome&browser_version=92.0.4515.159&browser_major_version=92&os_name=Windows&os_version=10&device_screen_height=1200&device_screen_width=1600&browser_height=1200&browser_width=1600&catalog_name=page_load_time&page_load_time_application_render_timestamp=1630514722186&page_load_time_navigation_start=1630514718661&page_load_time_fetch_start=1630514719604&page_load_time_domain_lookup_start=1630514719605&page_load_time_domain_lookup_end=1630514719611&page_load_time_connect_start=1630514719611&page_load_time_connect_end=1630514719667&page_load_time_secure_connection_start=1630514719637&page_load_time_request_start=1630514719667&page_load_time_response_start=1630514720373&page_load_time_response_end=1630514720377&page_load_time_dom_loading=1630514720376&page_load_time_dom_interactive=1630514721109&page_load_time_dom_content_loaded_event_start=1630514721109&page_load_time_dom_content_loaded_event_end=1630514721109&page_load_time_dom_complete=1630514721262&page_load_time_load_event_start=1630514721262&page_load_time_load_event_end=1630514721262&nocache=16305147222202
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.133 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
api.iad1.squareup.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 16:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
frame-options
DENY
x-frame-options
DENY
content-type
image/gif
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
content-length
56
x-xss-protection
1; mode=block
hydrate
pci-connect.squareup.com/payments/ Frame E9F3 		815 B
854 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com&locationId=ENSX0HVTBWK2F
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
cae859d1b1fb66010d2bf014239d5e5d07faf937b0cf3acaccb4d171e58485b0
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Wed, 01 Sep 2021 16:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-07-12
x-speleo-traceid
JkKccCkCCTWVW
vary
Origin, Accept-Encoding
content-length
470
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
hydrate
pci-connect.squareup.com/payments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com&locationId=ENSX0HVTBWK2F
Protocol
H2
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://web.squarecdn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://web.squarecdn.com
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
date
Wed, 01 Sep 2021 16:45:22 GMT
content-length
0
strict-transport-security
max-age=631152000; includeSubDomains; preload
data.js
js.squareup.com/payments/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.squareup.com/payments/data.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
db4423ff332dcb542f4544a5bf1e8261f019a4fd812b6838d21de51b3b452791
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 16:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
pay.js
pay.google.com/gp/p/js/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29fd49297e8b57fcc17307c57ad0bd8866ff3eee75de6c2eaa0096c7e0b9cf4b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-dBh/JagxYjSwWdwrMrrQKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-dBh/JagxYjSwWdwrMrrQKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 16:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-dBh/JagxYjSwWdwrMrrQKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-dBh/JagxYjSwWdwrMrrQKA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:22 GMT
single-card-element-iframe.html
web.squarecdn.com/1.10.0/ Frame 29FA 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.10.0/single-card-element-iframe.html
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ee00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d325ad5097d79a4ca85ab353303f46188fb6df5d0eb518d02f3ad7b6abe1f025

Request headers

:method
GET
:authority
web.squarecdn.com
:scheme
https
:path
/1.10.0/single-card-element-iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-max-age
300
last-modified
Mon, 23 Aug 2021 19:39:17 GMT
x-amz-meta-websdk-version
1.10.0
x-amz-version-id
JPEBY4Aob5wVV73hLl2MCXEoAyYZSTb6
server
AmazonS3
content-encoding
gzip
date
Wed, 01 Sep 2021 06:46:27 GMT
cache-control
public, max-age=300
etag
W/"eaaf3b62c063f3550aaae7792ce8b3b1"
x-cache
Hit from cloudfront
via
1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
EgQgV-_PV5heLWV2DMvAqmBY9Qd1ivdLlI8Qcj5uEERCejCtK8W00A==
age
35936
token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame E9F3 		251 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/digital-wallets/google-pay/token
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
0ac6c03360ea03ba9f0aed53f3eb1f6f2c2e197249071f239295c18bdc177502
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-07-12
x-speleo-traceid
KKjGbDHKPgXKc
vary
Origin, Accept-Encoding
content-length
236
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/digital-wallets/google-pay/token
Protocol
H2
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://web.squarecdn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
date
Wed, 01 Sep 2021 16:45:22 GMT
content-length
0
strict-transport-security
max-age=631152000; includeSubDomains; preload
card-wrapper.css
web.squarecdn.com/1.10.0/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.10.0/card-wrapper.css
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ee00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b69e50388b6b9061cf69b5f7816474cac9d173f8904e17cfadd96433d748c087

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
pkMCGQtFt9EfIF1cnxIy3o05eoQWDfy.
content-encoding
gzip
etag
W/"fee8c675780f4bbbce9dfa5fe937dcfb"
age
58969
x-cache
Hit from cloudfront
x-amz-meta-websdk-version
1.10.0
access-control-allow-origin
*
last-modified
Mon, 23 Aug 2021 19:39:17 GMT
server
AmazonS3
date
Wed, 01 Sep 2021 00:22:34 GMT
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
xrT6gLy1ZdflRm1f-XQS5D18x2LIuXich8nPQURz-hoTeRv-5e6zJg==
sqmarket-regular.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/ Frame 29FA 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-regular.woff2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/single-card-element-iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7

Request headers

Origin
https://web.squarecdn.com
Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 18:19:18 GMT
Via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
Age
80765
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29044
Last-Modified
Mon, 24 Aug 2015 16:41:41 GMT
Server
AmazonS3
ETag
"84eba500a4ec29ccfadf1e9bff16b67f"
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
CcLixdUV9eg1iOIXvMg.HaT5aV.S.lWh
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA56-P2
Accept-Ranges
bytes
Content-Type
application/octet-stream
X-Amz-Cf-Id
0ow8Tvkhlxtz_NL84mW1d4j1ZFyDfe1WKgwOZR_-LejD_8gFn-TBNw==
payframe
pay.google.com/gp/p/ui/ Frame 98AC 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11d7331150bcf47b5b1c13b064749a1d151884b28bbd15d353114e0371da5a47
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-NF89mAj3EurLxWloHp2jmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-NF89mAj3EurLxWloHp2jmA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=sfpflJ7Sj6Xk7_ewcXuYS44FLQNUHSHnrbLVFPJwGM1_CHKJhWwKBk4eUt-vNtymxRKgW6cZSUw8oBF_PdO4On9F7nTtxnKEfOfMu0RT0FyOCN00HAPvZmYP1XEcuhfwILs0qtLBhWfvZHMXoDBpBnR_fd_f0f-pthhyTIQk7AQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Wed, 01 Sep 2021 16:45:23 GMT
date
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-NF89mAj3EurLxWloHp2jmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-NF89mAj3EurLxWloHp2jmA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-resource-policy
same-site
cross-origin-opener-policy
same-origin
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
frame.html
connect.squareup.com/payments/data/ Frame 8092 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.132 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
543a190d897e9e7c8d17a88154c936b060761f8816563cb7afe37caaeb39244d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
connect.squareup.com
:scheme
https
:path
/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_savt=819608cf-a4f5-41f7-aa3e-1ca65d44feb5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
content-type
text/html
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
date
Wed, 01 Sep 2021 16:45:23 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
/
nd.squarecdn.com/2.2/w/w-952168/sync/js/ 		284 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nd.squarecdn.com/2.2/w/w-952168/sync/js/
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.176.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab3378e3025098c17.awsglobalaccelerator.com
Software
nginx /
Resource Hash
370e0b0e8c254ae6444638496a8d214da528af9513f089c1b79566ea10381706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nds-datacontractrequirement1
Placement, No matching URL placement for w-952168 at https://squareup.com/.
date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff
x-nds-datacontractrequirement2
Placement, Placement page number has not been detected.
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-nds-datacontractrequirement0
Placement, Placement page has not been detected.
strict-transport-security
max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
v2
pci-connect.squareup.com/payments/mtx/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://squareup.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:500
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bcd384bf571d778f6db41260662a2cd9f3afe1b491d5905f37f290cdb4efae4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 16:36:01 GMT
server
ESF
date
Wed, 01 Sep 2021 16:45:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Sep 2021 16:45:23 GMT
generate_gpay_btn_img
pay.google.com/gp/p/ Frame FFB5 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e5685b11f8844af0bdeaddab99c264290d084d8251353e2a6e231f17d858848
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-y+YncOrqG6M35pMq7pq9og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'nonce-y+YncOrqG6M35pMq7pq9og' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=sfpflJ7Sj6Xk7_ewcXuYS44FLQNUHSHnrbLVFPJwGM1_CHKJhWwKBk4eUt-vNtymxRKgW6cZSUw8oBF_PdO4On9F7nTtxnKEfOfMu0RT0FyOCN00HAPvZmYP1XEcuhfwILs0qtLBhWfvZHMXoDBpBnR_fd_f0f-pthhyTIQk7AQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 01 Sep 2021 16:45:23 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-y+YncOrqG6M35pMq7pq9og' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'nonce-y+YncOrqG6M35pMq7pq9og' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
cross-origin-opener-policy
same-origin
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 		149 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 06:59:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
380743
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
expires
Sun, 28 Aug 2022 06:59:40 GMT
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChAiO-c1n_2Nh42O1BMix7JAEPcP/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 16:06:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
88759
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
928
x-xss-protection
0
expires
Wed, 31 Aug 2022 16:06:04 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://squareup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 22:35:34 GMT
x-content-type-options
nosniff
age
65389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Aug 2022 22:35:34 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/w... Frame FFB5 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrjuys7BtgNy5MmnRr5LwIMmo8bIsg/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34283eea05a36ee469b7c39c787c3f7fb2ce2d07e076447775cf98ec5f1eb213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 19:56:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52102
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 19:56:28 GMT
en.svg
www.gstatic.com/instantbuy/svg/dark/ Frame FFB5 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark/en.svg
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce527fafef4b207a04a9a69a1b016429ac94b16d6289db2ca5175b9cbf357d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 04:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
563753
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
expires
Fri, 26 Aug 2022 04:09:30 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame FFB5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.wnX-gW_jIfE.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrggiMdML9C63BE4TU91TqbO9c2VCg/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrjuys7BtgNy5MmnRr5LwIMmo8bIsg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7646ab3d39f53901de654f68dc1804a8700a3e06f0dbdcec451dc948f75b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 19:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13265
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 19:56:47 GMT
v2
pci-connect.squareup.com/payments/mtx/ Frame E9F3 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm78... Frame 98AC 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011bb584fa3ca8b3458fc8052d28f77d452c17e9f2536ca4abeb9dba4d1ba9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 16:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52176
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:29:59 GMT
m=Wt6vjf,_latency,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame FFB5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.wnX-gW_jIfE.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrggiMdML9C63BE4TU91TqbO9c2VCg/m=Wt6vjf,_latency,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrjuys7BtgNy5MmnRr5LwIMmo8bIsg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bf50c24880e35581c883b20e89347b4cae6711510dd2b1d0c041499804a9f9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 19:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14365
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 19:56:47 GMT
m=lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.w... Frame FFB5 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.wnX-gW_jIfE.L.B1.O/am=AoA/d=1/exm=FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_latency,_tp,byfTOb,lsjVmc,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrggiMdML9C63BE4TU91TqbO9c2VCg/m=lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrjuys7BtgNy5MmnRr5LwIMmo8bIsg/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d99113ba4794d273fca02313b7e10b423043589ba6be14bc496ddb2e9a2d0b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 19:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3533
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 19:56:47 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179... Frame 98AC 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179tj_qzZxc.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjGXDXyddWLHeEGWzfJ_OW1oKyfag/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78c757608373edbb9a1e68e3ad62fd1ca0d4bcf42a4599a3c0b4b92331bfc0a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 17:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13278
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 17:39:41 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179... Frame 98AC 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179tj_qzZxc.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjGXDXyddWLHeEGWzfJ_OW1oKyfag/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
991fe7994e325c7b036506f5934e6662925a934a54d9dc4ee7cb8dc6a0d047a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 16:30:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26819
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:30:01 GMT
log
play.google.com/ Frame FFB5 		131 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.H2Nx2Trfc7o.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrjuys7BtgNy5MmnRr5LwIMmo8bIsg/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
analytics.js
www.google-analytics.com/ Frame 98AC 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179tj_qzZxc.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjGXDXyddWLHeEGWzfJ_OW1oKyfag/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4384
date
Wed, 01 Sep 2021 15:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 01 Sep 2021 17:32:19 GMT
pay
pay.google.com/gp/p/ui/ Frame 98AC 		1 MB
342 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8d6493d15e3eca8130ac607f87f4d4b59c2fd71ec3b309945867bf5a173eb36
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-a9KhNNCpz7Cs/ANTH7gujA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-a9KhNNCpz7Cs/ANTH7gujA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Wed, 01 Sep 2021 16:45:23 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-a9KhNNCpz7Cs/ANTH7gujA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-a9KhNNCpz7Cs/ANTH7gujA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3-29
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Wed, 01 Sep 2021 16:45:23 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 01 Sep 2021 16:45:23 GMT
cache-control
private
m=Wt6vjf,_latency,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179... Frame 98AC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179tj_qzZxc.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjGXDXyddWLHeEGWzfJ_OW1oKyfag/m=Wt6vjf,_latency,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e9de147afa95a31de4b5f821d317f4d8d1b34cac09cb54e3cafcb0f7dce6522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 16:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7316
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 16:55:26 GMT
m=lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179... Frame 98AC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.179tj_qzZxc.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjGXDXyddWLHeEGWzfJ_OW1oKyfag/m=lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fae154771d5aad9894febc0d55235df1d4aa32c1eaf1ca8f39f7aa534243a44a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 31 Aug 2021 17:39:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3339
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 18:25:07 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 31 Aug 2022 17:39:41 GMT
log
play.google.com/ Frame 98AC 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.aOj63eMwOuQ.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjm787oWjNxpLGfTS4TgNPOulju2g/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 01 Sep 2021 16:45:23 GMT
token
connect.squareup.com/v2/analytics/ Frame 8092 		108 B
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.squareup.com/v2/analytics/token
Requested by
Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.132 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
34b40fce15a0215f806c3f03e04dbd12940065602facbff1e42eb6d30c9d70e4
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChAiO-c1n_2Nh42O1BMix7JAEPcP%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-07-12
x-speleo-traceid
EPKKPHWDRMZGA
vary
Origin, Accept-Encoding
content-length
125
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://connect.squareup.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies
/
nd.squarecdn.com/2.2/w/w-952168/init/js/ 		482 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nd.squarecdn.com/2.2/w/w-952168/init/js/?q=%7B%22e%22%3A238318%2C%22oq%22%3A%221600%3A1200%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-151081%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Ffdhnerhc.pbz%2Fcnl-vaibvpr%2Fvai%3A0-PuNvB-p1a_2Au42B1OZvk7WNRCpC%2F%22%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C-60%7Cra-HF%7Coc1-700%7Csnyfr%7C%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F92.0.4515.159%20Fnsnev%2F537.36%7CAbg%20Fhccbegrq%22%7D
Requested by
Host: nd.squarecdn.com
URL: https://nd.squarecdn.com/2.2/w/w-952168/sync/js/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.176.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab3378e3025098c17.awsglobalaccelerator.com
Software
nginx /
Resource Hash
467ec63f794cb2035b7323fd4c49c9c8eb5d4393d88caeec523b23557bef2616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 16:45:23 GMT
x-content-type-options
nosniff, nosniff
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains;
content-length
482
x-xss-protection
1; mode=block
v2
pci-connect.squareup.com/payments/mtx/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.136 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Wed, 01 Sep 2021 16:45:24 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://squareup.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __core-js_shared__ object| core function| SqPaymentForm object| __SENTRY__ object| Square function| gtag object| dataLayer object| IntlPolyfill function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| LanguageDetector function| PreloadScreen object| preloadScreen boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray boolean| preferNative function| _typeof undefined| __ember_auto_import__ function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf object| EmberENV function| moment function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| mainContext object| Ember object| Em undefined| Raven object| protobufjs object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| ndsapi string| ndjsStaticVersion function| nsbopifkzi object| nslyyidtyi object| nslgf boolean| nsdwhx number| nsviymjoy number| nsbopifk object| nsbopi function| nslyyidty object| nsgukk object| nscav object| nsgukkebk object| nsviymjoyg object| nslyyidt boolean| nsfkgjo string| nscavjy object| nds object| nscavj function| nslgfnpyxj function| nsviymjo number| numQueries function| validateSessionIdCookie object| returned string| version string| nslyyid string| nsdwhxu function| nslgfn function| nslgfnpyx function| nscavjyd string| nsviym function| nsfkg function| nsfkgjoqrf string| nsviy string| nsfkgjoq string| nsdwhxurq string| nsfkgjoqr object| nsdwhxur function| nslyy function| nsbop object| nsfkgj function| nsdwhxurqd function| nslgfnpy function| nsviymj function| nslgfnp function| nsdwh function| nsguk function| nsbopif function| nscavjydj function| ndwti function| nsbopifkz function| nsgukkeb function| nsgukkebkh function| nscavjydje function| nsnfwm function| nsgvvln function| nslyrfuyoh function| nslyrfuyo function| nswwaawej function| nsiievbab function| nsyivzxe function| nswwaawe function| nsgvv function| ndwts function| nsyivz function| nsyfqpwtn function| nsnfw function| HashUtil function| nsnemt function| nsgvvlnu function| nsyfq function| nsgvvlnuks function| nsyfqpwtna function| nsgvvl object| nsgukke function| nswwa function| ndoGetObjectKeys boolean| nslyyi function| nsnfwmipk function| nslyrfu function| nsqvjs function| nsdkfgxenr function| nsmioi function| nsdkfg function| ThreeDS2Service function| ChallengeParameters object| ThreeDS

5 Cookies

Domain/Path Name / Value
.squareup.com/ Name: _ga
Value: GA1.2.481243311.1630514721
.squareup.com/ Name: _savt
Value: 46ca54a7-e185-436e-8ba9-bf1372da1742
.squareup.com/ Name: _gat_gtag_UA_118441582_1
Value: 1
.squareup.com/ Name: _gid
Value: GA1.2.1630665270.1630514721
squareup.com/ Name: squareGeo
Value: SE-Z

2 Console Messages

Source Level URL
Text
console-api debug URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js(Line 5648)
Message:
ES2 Event [object Object]
console-api debug URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js(Line 5648)
Message:
ES2 Event [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.squareup.com
connect.squareup.com
d1g145x70srn7h.cloudfront.net
dl6rt3mwcjzxg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
invoice-frontend-production-f.squarecdn.com
js.squareup.com
nd.squarecdn.com
pay.google.com
pci-connect.squareup.com
play.google.com
squareup.com
wcssssxs.r.us-west-2.awstrack.me
web.squarecdn.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
151.101.129.49
151.101.193.49
18.66.112.26
18.66.97.97
2600:9000:2240:ee00:13:4005:e4c0:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::5c
52.38.88.225
74.122.189.132
74.122.189.133
74.122.189.136
99.83.176.153
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
011bb584fa3ca8b3458fc8052d28f77d452c17e9f2536ca4abeb9dba4d1ba9a9
09f6b6ff98dc14e11eefaab855cbd2ae6f7782207f00d2a569c8e5990695381d
0ac6c03360ea03ba9f0aed53f3eb1f6f2c2e197249071f239295c18bdc177502
0e5685b11f8844af0bdeaddab99c264290d084d8251353e2a6e231f17d858848
11d7331150bcf47b5b1c13b064749a1d151884b28bbd15d353114e0371da5a47
1245e389a55a8c3b1b7762dd9b6d92ae09f575c0ac77925f7af190d874b04c12
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1dd21fcd4cb667e8609e0044091df3b7a1a8bb6108aa8ed9e76940bc331f6cc8
1fbd9205596cd9c4fae3017cfbcd22394138c8253415926fbc7ba060227ca35a
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7
29fd49297e8b57fcc17307c57ad0bd8866ff3eee75de6c2eaa0096c7e0b9cf4b
2dc807ac569dc6c1b8e3769e4702ec99032b57e8745161e0c603e3de63a3d92b
34283eea05a36ee469b7c39c787c3f7fb2ce2d07e076447775cf98ec5f1eb213
34b40fce15a0215f806c3f03e04dbd12940065602facbff1e42eb6d30c9d70e4
370e0b0e8c254ae6444638496a8d214da528af9513f089c1b79566ea10381706
3c21de5d72e7f034a98612525e4718c3cd06192c7aa5ca9993ed378a86325738
3d1777861ce46fe973eca93898a963d05ec97a6022dac22e20ccfe7d75a6cb90
467ec63f794cb2035b7323fd4c49c9c8eb5d4393d88caeec523b23557bef2616
4cc58116c96c356881f7d2aaf68215d18ec3f583486fa3e4c25b56f3fc06bacb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2158fad11f0c3cea49561e18953e14c573a87d9b365e70acf6697fc90041a3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5281b4c1f5c2381c845d65e1040c32aee00266f38125fffb5401224134e7cdb7
543a190d897e9e7c8d17a88154c936b060761f8816563cb7afe37caaeb39244d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71f21c5270b3632c61ca8bfdc02e5f40201ec17a284dc8c9e446565756ed3b51
77c2e42d42a15c3d7eca6751c19a048904ceb6031a46c63b263507337751b03c
78c757608373edbb9a1e68e3ad62fd1ca0d4bcf42a4599a3c0b4b92331bfc0a9
7e7646ab3d39f53901de654f68dc1804a8700a3e06f0dbdcec451dc948f75b9e
872ec2095f32e3b178d26ef41f302765414919e49a097fd24430a40481d2981e
924fdd63a0ad04c23bff8f8ea428daab48d4bdc133e0c5b97c3dc1cb86feeeea
937fb2c7998645ab86f885f9d89d67692b61a6e81b360b3ca9bfc1828a3f6b76
991fe7994e325c7b036506f5934e6662925a934a54d9dc4ee7cb8dc6a0d047a7
99aa41ddd98912ea325a7dbfc0d4d36f8969258ff616cc1ddc9a42e27f9e380a
9bf50c24880e35581c883b20e89347b4cae6711510dd2b1d0c041499804a9f9d
9e9de147afa95a31de4b5f821d317f4d8d1b34cac09cb54e3cafcb0f7dce6522
a5d4d3d96ea4d5f528b3ab87a30644763579970d28eade203ec3635c35561fd7
a8d6493d15e3eca8130ac607f87f4d4b59c2fd71ec3b309945867bf5a173eb36
b30ce50eb1cf665070fbea0e46a477ce6169c5da11f5853faf41553185d55fea
b69e50388b6b9061cf69b5f7816474cac9d173f8904e17cfadd96433d748c087
bb954d9033effc162fed52e5107b8ead563e00f5da5df86e327b083ca4447844
bcd384bf571d778f6db41260662a2cd9f3afe1b491d5905f37f290cdb4efae4b
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
c0e12af487b1dbea88322f3a67504be9e5f8734f7ebe069e8a719cb8dcd59d8c
cae859d1b1fb66010d2bf014239d5e5d07faf937b0cf3acaccb4d171e58485b0
ce527fafef4b207a04a9a69a1b016429ac94b16d6289db2ca5175b9cbf357d0f
d325ad5097d79a4ca85ab353303f46188fb6df5d0eb518d02f3ad7b6abe1f025
d821f6cc288a061d009f64f53e24908fe006c3307dff1410a516ee8edf1a91cd
d964f5084cc7b238b22a616d0abe1b13ed3c1a3c53761667d9c5e7fe241dfcda
d99113ba4794d273fca02313b7e10b423043589ba6be14bc496ddb2e9a2d0b4e
db4423ff332dcb542f4544a5bf1e8261f019a4fd812b6838d21de51b3b452791
e0eaf26cdf05c1f7ae84506a0adea5793de9dd86f8b03ef0ac747080195e6071
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e615474ffad917e5ff38be33f15337599ac00a865b5ce950ba93b2b83bb4419b
eda6f7f1f9691bec0b6a4efa87c38c53e2692ffe1d9e3059f1d4883183468ba9
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
fae154771d5aad9894febc0d55235df1d4aa32c1eaf1ca8f39f7aa534243a44a
fb8da7eb5b1b399e7321179dac9e9f65773d7331e1e30554e3911e4325e1ef19
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62