urlscan.io logo urlscan.io
SecurityTrails logo

squareup.com Open in urlscan Pro
151.101.193.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F/1/0101017b8e09...
Effective URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Submission: On August 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 9 domains to perform 80 HTTP transactions. The main IP is 151.101.193.49, located in United States and belongs to FASTLY, US. The main domain is squareup.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on May 3rd 2021. Valid for: a year.
This is the only time squareup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.38.88.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-88-225.us-west-2.compute.amazonaws.com
wcssssxs.r.us-west-2.awstrack.me
3    151.101.193.49 (United States)

ASN54113 (FASTLY, US)
squareup.com
9    74.122.190.85 (United States)

ASN15211 (SQUARE, US)
js.squareup.com
pci-connect.squareup.com
4    2600:9000:2156:de00:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
web.squarecdn.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    151.101.13.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
invoice-frontend-production-f.squarecdn.com
3    143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net
d1g145x70srn7h.cloudfront.net
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.96.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-60.zrh50.r.cloudfront.net
dl6rt3mwcjzxg.cloudfront.net
3    74.122.190.68 (United States)

ASN15211 (SQUARE, US)
images.squareup.com
connect.squareup.com
2    74.122.189.133 (Ashburn, United States)

ASN15211 (SQUARE, US)
PTR: api.iad1.squareup.com
api.squareup.com
4    2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    99.83.176.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab3378e3025098c17.awsglobalaccelerator.com
nd.squarecdn.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Domain Requested by
16 play.google.com www.gstatic.com
15 invoice-frontend-production-f.squarecdn.com squareup.com
12 www.gstatic.com squareup.com
pay.google.com
www.gstatic.com
7 pci-connect.squareup.com web.squarecdn.com
4 pay.google.com web.squarecdn.com
pay.google.com
www.gstatic.com
4 web.squarecdn.com squareup.com
web.squarecdn.com
3 www.google-analytics.com www.googletagmanager.com
invoice-frontend-production-f.squarecdn.com
www.gstatic.com
3 d1g145x70srn7h.cloudfront.net invoice-frontend-production-f.squarecdn.com
web.squarecdn.com
3 squareup.com invoice-frontend-production-f.squarecdn.com
2 nd.squarecdn.com js.squareup.com
nd.squarecdn.com
2 connect.squareup.com js.squareup.com
connect.squareup.com
2 api.squareup.com
2 js.squareup.com squareup.com
web.squarecdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com squareup.com
1 images.squareup.com
1 dl6rt3mwcjzxg.cloudfront.net invoice-frontend-production-f.squarecdn.com
1 www.googletagmanager.com squareup.com
1 wcssssxs.r.us-west-2.awstrack.me 1 redirects
80 19

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
support.apple.com
www.microsoft.com
Subject Issuer Validity Valid
squareup.com
Entrust Certification Authority - L1K		 2021-05-03 -
2022-05-02		 a year crt.sh
*.squareup.com
Entrust Certification Authority - L1K		 2020-11-13 -
2021-11-30		 a year crt.sh
web.squarecdn.com
Amazon		 2021-06-01 -
2022-06-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.squarecdn.com
Entrust Certification Authority - L1K		 2021-02-04 -
2022-02-15		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
nd.squarecdn.com
Amazon		 2021-02-24 -
2022-03-25		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Frame ID: 263177AC298103D123B1AB7526C335C5
Requests: 41 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Frame ID: CFF84E2D59E7243774F0AF25FD36A54A
Requests: 4 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.10.0/single-card-element-iframe.html
Frame ID: 754DB9C97FB6906BA314925C1F98ECB8
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
Frame ID: D66F1DFF1BEF16519E0E27BC362AEA20
Requests: 16 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F
Frame ID: 7C0A9F55EE136772CACD7C96848FDFA3
Requests: 2 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Frame ID: 15ADF89D85AE21A9D2E1BD0B6C9FE14D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Square - Invoice - 4084credit cardSquare

Page URL History Show full URLs

  1. https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEM... HTTP 302
    https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

80
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

19
Subdomains

18
IPs

3
Countries

1753 kB
Transfer

6218 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F/1/0101017b8e096ec7-bbc8388b-86c8-4ee0-a6c1-0ef1a09e38c7-000000/TBy1-c5_2uDfkqzSEex6eb_Uopw=233 HTTP 302
    https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Redirect Chain
  • https://wcssssxs.r.us-west-2.awstrack.me/L0/https:%2F%2Fsquareup.com%2Fpay-invoice%2Finv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F/1/0101017b8e096ec7-bbc8388b-86c8-4ee0-a6c1-0ef1a09e38c7-000000/TBy1-c5_2uD...
  • https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
99aa41ddd98912ea325a7dbfc0d4d36f8969258ff616cc1ddc9a42e27f9e380a
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload

Request headers

:method
GET
:authority
squareup.com
:scheme
https
:path
/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type
text/html
last-modified
Wed, 18 Aug 2021 17:21:33 GMT
etag
W/"611d419d-4ac1"
x-square
S=aia502.sjc2b.square
content-encoding
gzip
strict-transport-security
max-age=631152000; includeSubDomains; preload
accept-ranges
bytes
date
Sat, 28 Aug 2021 21:29:22 GMT
via
1.1 varnish
x-served-by
cache-hhn4030-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1630186162.334922,VS0,VE586
vary
Accept-Encoding
set-cookie
squareGeo=DE-BE; path=/; SameSite=Strict; Secure; max-age=2419200

Redirect headers

Date
Sat, 28 Aug 2021 21:29:21 GMT
Location
https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Content-Length
0
Connection
keep-alive
paymentform
js.squareup.com/v2/ 		162 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.squareup.com/v2/paymentform
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
937fb2c7998645ab86f885f9d89d67692b61a6e81b360b3ca9bfc1828a3f6b76
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Aug 2021 21:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 UTC
square.js
web.squarecdn.com/v1/ 		262 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1245e389a55a8c3b1b7762dd9b6d92ae09f575c0ac77925f7af190d874b04c12

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
bNasq_fEqMD5W.OszEeEuqxBcHddCWBk
content-encoding
gzip
etag
W/"513e41497e45c70576e164d814812c71"
age
7316
x-cache
Hit from cloudfront
x-amz-meta-websdk-version
1.10.0
access-control-allow-origin
*
last-modified
Fri, 27 Aug 2021 19:25:55 GMT
server
AmazonS3
date
Sat, 28 Aug 2021 19:27:28 GMT
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
O5HJfdqdyScutgUvWsYbz7YBn51rerO48camLDYWq8ii8IxsdVlnxw==
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-118441582-1
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c371625e09750acf24d4362e9dcab026ac8edc1890e43e06cc081f11c5b7faff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41233
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Aug 2021 21:29:23 GMT
intl.min-2d83656b91128d68eeecfd97b9dd79af.js
invoice-frontend-production-f.squarecdn.com/assets/intl/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/intl.min-2d83656b91128d68eeecfd97b9dd79af.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dc807ac569dc6c1b8e3769e4702ec99032b57e8745161e0c603e3de63a3d92b

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
LKiacNsLRdLCWkg6Mh9jE0QoYiU5NPz1
content-encoding
gzip
etag
"1eb138d03f3f9d71adfd25d8ee710a42"
age
495597
via
1.1 varnish
x-cache
HIT
content-length
13713
x-amz-id-2
CpkHIda03qQLWByMugGJ/5ME3/eV6iT+4ELK+5doN1opUElv+xfIz7wbG416aLm1uztYFU+Dc1I=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.973481,VS0,VE2
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
5H00GPF042B7RSEX
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-au-0222577690c4a3aacb2fba5cd9537df3.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-au-0222577690c4a3aacb2fba5cd9537df3.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d964f5084cc7b238b22a616d0abe1b13ed3c1a3c53761667d9c5e7fe241dfcda

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tseQTej.WW1Nni_CuTcELxjsJkLbuYga
content-encoding
gzip
etag
"0fcd4bc76845af88bec21978b6e07ba7"
age
2646980
via
1.1 varnish
x-cache
HIT
content-length
3920
x-amz-id-2
bZOn/oI6GE71GYOL7w7fwONSyCY+O3OkJEL2uRLILibXB48LMO5yl/LjbiAzpNcJf6uqaSSsJsk=
x-served-by
cache-fra19141-FRA
last-modified
Mon, 26 Jul 2021 17:51:15 GMT
server
AmazonS3
x-timer
S1630186163.973655,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
07RRY6CHXRBSHYFT
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-ca-e078e768a62418f0d77cb6df0371bf01.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-ca-e078e768a62418f0d77cb6df0371bf01.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dd21fcd4cb667e8609e0044091df3b7a1a8bb6108aa8ed9e76940bc331f6cc8

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
WfJ4x714_hPyKpY475d39IflQE23xzNB
content-encoding
gzip
etag
"8b02c05077b3214d45c7656dac095fc6"
age
555663
via
1.1 varnish
x-cache
HIT
content-length
4065
x-amz-id-2
T6FDUiavNyDt5gzIz6+ggUDQbyKU7S+3kI45+OobjPMHkGRpZESzlgoaKk947GjU4RRTPMyEvFc=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.978224,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
SR22JP816TR611BP
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-gb-cc40e0bbbd261889065a18b1b5a714d5.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-gb-cc40e0bbbd261889065a18b1b5a714d5.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71f21c5270b3632c61ca8bfdc02e5f40201ec17a284dc8c9e446565756ed3b51

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
9Hxrpzv5s7AWBcT7V_1gkTWvAvFPoivo
content-encoding
gzip
etag
"a53375f97256f0fae94bb68c931c8aaa"
age
495596
via
1.1 varnish
x-cache
HIT
content-length
4064
x-amz-id-2
WzsZhOInHGLPzz82sn4DknX/M2WqvJP4sEGkAfgsUqGAalFmkKcANgYxU1CPOmJCy6K5EvAPBGc=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.973833,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
5H03SB9PGNATVHE9
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-ie-5cc058c1184e64e6e77a7227427ff0d0.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-ie-5cc058c1184e64e6e77a7227427ff0d0.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f2158fad11f0c3cea49561e18953e14c573a87d9b365e70acf6697fc90041a3

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
lzbG07Xc6LL3xhx92w4gnS3bjpGyEWPz
content-encoding
gzip
etag
"26e1307a2d7f527f34919bdfc580a100"
age
503416
via
1.1 varnish
x-cache
HIT
content-length
4067
x-amz-id-2
U/z3JOUrrmNKPmAUXX9bLnegVBw2XG03Ufy7z2tG8OCtHWUtsfE8x7zrqLUtxVzpxzqczuHSuyE=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.977744,VS0,VE0
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
0D12RRMZGN7RX0VD
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
en-4117b0703b724e538ca3fe317aafd96b.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/en-4117b0703b724e538ca3fe317aafd96b.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
872ec2095f32e3b178d26ef41f302765414919e49a097fd24430a40481d2981e

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
93N2AGTE.p4Kl3dKHH8MUlNTr1XvdgZ.
content-encoding
gzip
etag
"9055c30a3384e3d28d133eb6effb0c8c"
age
495594
via
1.1 varnish
x-cache
HIT
content-length
4052
x-amz-id-2
avKUrQ8/zr4SukTaQvX/XAWFi/H2ocFzzNUT9eEFovl8fmenoF3HgDc1vcfWN7mi/e5s9hj8KXc=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.977599,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
MMWVZ5S4SZY58ZFC
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
es-3453aba256d274692a0decf86dd0b767.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/es-3453aba256d274692a0decf86dd0b767.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d1777861ce46fe973eca93898a963d05ec97a6022dac22e20ccfe7d75a6cb90

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
6ECVJoTpK27.Gw28RHwcX9xjhKUbZq6m
content-encoding
gzip
etag
"a2697dd96efa4a7dc3d34eeba344d060"
age
495597
via
1.1 varnish
x-cache
HIT
content-length
3985
x-amz-id-2
r1ewZ23oSrJ8hF2n3ru4tKu4dwwKSftkr08m2Hu8LrtLpNf8//EnPkru1RO2vqEwmX8SxVGhvWU=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.978089,VS0,VE0
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
FYHYCBAJXDJHAY61
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
fr-ca-a883be91bb2b04ab366d130114068172.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/fr-ca-a883be91bb2b04ab366d130114068172.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5281b4c1f5c2381c845d65e1040c32aee00266f38125fffb5401224134e7cdb7

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
4GrwVfy6Dm.AB6tqXmltck6APS6XNocJ
content-encoding
gzip
etag
"1d6bf742de9b055b4132d218e101cb98"
age
759198
via
1.1 varnish
x-cache
HIT
content-length
4164
x-amz-id-2
GpRF+yu0NYK6sqhIQXAsBVnXC7TwtYS5Mo28bOeZGtUxfsxeFKzWTwFLXP2/1m+LjKsuLAnOfW0=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.977426,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
51RKT21XNW2WBHQN
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
ja-5f9fa9420ef1f4cbf31c2b5b7b66f688.js
invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/intl/locales/ja-5f9fa9420ef1f4cbf31c2b5b7b66f688.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eda6f7f1f9691bec0b6a4efa87c38c53e2692ffe1d9e3059f1d4883183468ba9

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
nfEwKR.qboFWjjqhYM0.daZwZnlhG0MQ
content-encoding
gzip
etag
"cb2e9ee6287b089d89919bee02da8b37"
age
2646982
via
1.1 varnish
x-cache
HIT
content-length
3048
x-amz-id-2
Yg4bl9sx5Ps6s62QrP6FUoVm4lK3NsTUzVqTVFeIL2S/EmSsuu5P6AQ4+0ZNeRrjjw2LynbmANg=
x-served-by
cache-fra19141-FRA
last-modified
Mon, 26 Jul 2021 17:51:15 GMT
server
AmazonS3
x-timer
S1630186163.974081,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
SVS32D0K9A8RTS0Y
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
clinton-c7f65054fa7ff58196da3fb8d199c85d.css
invoice-frontend-production-f.squarecdn.com/assets/styles/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/styles/clinton-c7f65054fa7ff58196da3fb8d199c85d.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
924fdd63a0ad04c23bff8f8ea428daab48d4bdc133e0c5b97c3dc1cb86feeeea

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
ULPjMv7s4fKhTN4HD1Y29eD_fxR860D8
content-encoding
gzip
etag
"73dc7f765387bf7601caf82010330753"
age
180564
via
1.1 varnish
x-cache
HIT
content-length
7195
x-amz-id-2
5txmPXSrDcrb4Ee2shP5i/2CjtDh9os12zUtxOKtMvl8+ApqE3UWZpPzeQEALbargLGC+/r8ht4=
x-served-by
cache-fra19141-FRA
last-modified
Thu, 26 Aug 2021 17:06:30 GMT
server
AmazonS3
x-timer
S1630186163.972993,VS0,VE2
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
004W6WFJ5NQZMQCN
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
vendor-d53856c17b0acac57e92e43fc84346a7.css
invoice-frontend-production-f.squarecdn.com/assets/ 		106 B
522 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/vendor-d53856c17b0acac57e92e43fc84346a7.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77c2e42d42a15c3d7eca6751c19a048904ceb6031a46c63b263507337751b03c

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
UFAaHJSHmtdENTaV5NJasS.B0iC9TxF6
content-encoding
gzip
etag
"df3f511451a6a24723f86ea54028f4b0"
age
565772
via
1.1 varnish
x-cache
HIT
content-length
101
x-amz-id-2
X/3ZiB+3qdAvYASlXCSaDwNl84gXl39BRPBocjdfy8CliVexa//JT2UfFTVkQIzdH6R8eQJ5hdo=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.973179,VS0,VE2
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
HAK1PNK14435B582
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
invoice-frontend-production-f.squarecdn.com/assets/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5d4d3d96ea4d5f528b3ab87a30644763579970d28eade203ec3635c35561fd7

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
mF48yRAbgvk.ahEKaYspvMlBRvAQIMc5
content-encoding
gzip
etag
"2b1627443f1fc8a42e0574b595aa0586"
age
2637136
via
1.1 varnish
x-cache
HIT
content-length
8008
x-amz-id-2
wZUQxVRc7Odiy0AWejUpvS+FKZ/lvdGmL8k6T3uwq8t/Tj1d6ujlf9wNPJ9ZFuyj12PlLF+b37Q=
x-served-by
cache-fra19141-FRA
last-modified
Mon, 26 Jul 2021 17:51:15 GMT
server
AmazonS3
x-timer
S1630186163.973306,VS0,VE2
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
2GT3YD5TX5S7X106
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
vendor-c0a3b3789a118ee4565a23143223427c.js
invoice-frontend-production-f.squarecdn.com/assets/ 		2 MB
448 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0e12af487b1dbea88322f3a67504be9e5f8734f7ebe069e8a719cb8dcd59d8c

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
rGgbsSTCrnmfghZDDZMLWuJ3ev5gOhgf
content-encoding
gzip
etag
"5e08cbfb3cbaf91ff8fb00a2fb0104ea"
age
113811
via
1.1 varnish
x-cache
HIT
content-length
458301
x-amz-id-2
eyxGyFcjG5qdqEY0Qoktdbuyr0T/1loe8vfE7zK0pV7GNiNkwXCYR3Ofkc5bBKqg4RMGJyIqyk0=
x-served-by
cache-fra19141-FRA
last-modified
Thu, 26 Aug 2021 17:06:30 GMT
server
AmazonS3
x-timer
S1630186163.977900,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
B9W2DH9DYCWQYZAG
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
invoice-fe-7df0a6bdf8cadc9fd2d2814c7eccd6f2.js
invoice-frontend-production-f.squarecdn.com/assets/ 		807 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-7df0a6bdf8cadc9fd2d2814c7eccd6f2.js
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fbd9205596cd9c4fae3017cfbcd22394138c8253415926fbc7ba060227ca35a

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
rptUG41YRqeNgma9P1cq08.AG3pe.HkF
content-encoding
gzip
etag
"64a2a48b54c6494b0a710d449070f2d9"
age
329934
via
1.1 varnish
x-cache
HIT
content-length
144774
x-amz-id-2
lZB8zHHsE2EuE9WWsY9CaeiSfx/qEmECqmW6zTlCDPdCrVcsR+yI2mcayvdkfGBqhZTCocmWI6g=
x-served-by
cache-fra19141-FRA
last-modified
Wed, 18 Aug 2021 17:21:35 GMT
server
AmazonS3
x-timer
S1630186163.973950,VS0,VE1
date
Sat, 28 Aug 2021 21:29:22 GMT
x-amz-request-id
3TCCMRQ00PM3C5YG
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1
print-41d0042198e988da1a5623fc418eb313.css
invoice-frontend-production-f.squarecdn.com/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://invoice-frontend-production-f.squarecdn.com/assets/print-41d0042198e988da1a5623fc418eb313.css
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cc58116c96c356881f7d2aaf68215d18ec3f583486fa3e4c25b56f3fc06bacb

Request headers

Origin
https://squareup.com
Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
Hk0uLpWFGxT9YT9F10S7t9lDmiV9.7eO
content-encoding
gzip
etag
"6fe5863a03b7539561e04bbb37eba416"
age
180565
via
1.1 varnish
x-cache
HIT
content-length
779
x-amz-id-2
iZqdbkChc2UKOkg1TGxl30Q1wr0nUeckPuFoPQW/vvVUvHLKwAvy5cSVxbOC0U2PAcElP0Y3n+E=
x-served-by
cache-fra19141-FRA
last-modified
Thu, 26 Aug 2021 17:06:30 GMT
server
AmazonS3
x-timer
S1630186164.804495,VS0,VE1
date
Sat, 28 Aug 2021 21:29:23 GMT
x-amz-request-id
004YVARC0T7TFKEQ
access-control-allow-origin
*
expires
Tue, 01 Jan 2030 00:00:00 GMT
cache-control
max-age=63072000, public
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
1
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d821f6cc288a061d009f64f53e24908fe006c3307dff1410a516ee8edf1a91cd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sqmarket-medium.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-medium.woff2
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7

Request headers

Origin
https://squareup.com
Referer
https://invoice-frontend-production-f.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 28 Aug 2021 10:19:51 GMT
Via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Age
40173
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
30768
Last-Modified
Mon, 24 Aug 2015 16:41:39 GMT
Server
AmazonS3
ETag
"2344124773c71bf4fa4ad407e7c3a467"
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
kv.0reKcZpdvzDTj2XEiMO_1vJk6WDBB
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
application/octet-stream
X-Amz-Cf-Id
mZX5RfUM9Sgzf_TPSAYIHmnwNH57ui4TlXGpUVjmL0HMXPILAXpIqQ==
sqmarket-regular.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-regular.woff2
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/invoice-fe-5c5b4e3794f36135cefd6bf20315cd64.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7

Request headers

Origin
https://squareup.com
Referer
https://invoice-frontend-production-f.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 28 Aug 2021 05:38:23 GMT
Via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Age
57061
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29044
Last-Modified
Mon, 24 Aug 2015 16:41:41 GMT
Server
AmazonS3
ETag
"84eba500a4ec29ccfadf1e9bff16b67f"
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
CcLixdUV9eg1iOIXvMg.HaT5aV.S.lWh
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
application/octet-stream
X-Amz-Cf-Id
STEiDeStBzUrh2zhS858nZGdzucAc8VSk0LRZt-JfkFaXgm8i0bv5g==
GetInvoice
squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/GetInvoice
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
395eb87ca4ab1fba8cccc7b7aba3c35754d2429d287128dee9281d191c49ce32
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://squareup.com
accept-encoding
gzip, deflate, br
x-csrf-token
undefined
accept-language
en-US
sec-fetch-dest
empty
cookie
squareGeo=DE-BE; _savt=8b78cc97-bcfa-4885-94b1-11c9dc0c5116
content-length
36
:path
/services/squareup.invoice.frontend.InvoiceFrontendService/GetInvoice
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf
accept
application/x-protobuf
cache-control
no-cache
:authority
squareup.com
referer
https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
:scheme
https
sec-fetch-site
same-origin
:method
POST
accept
application/x-protobuf
Referer
https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf

Response headers

strict-transport-security
max-age=631152000; includeSubDomains; preload
via
1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
content-transfer-encoding
binary
content-disposition
inline
x-square
S=apa1207.sjc2b.square
x-request-id
9dfe4e13-bbec-46b7-bdd1-de2b00a59534
x-served-by
cache-hhn4030-HHN
referrer-policy
strict-origin-when-cross-origin
x-timer
S1630186164.964477,VS0,VE487
etag
W/"395eb87ca4ab1fba8cccc7b7aba3c357"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/x-protobuf
x-xss-protection
1; mode=block
cache-control
private
set-cookie
squareGeo=DE-BE; path=/; SameSite=Strict; Secure; max-age=2419200
accept-ranges
bytes
date
Sat, 28 Aug 2021 21:29:24 GMT
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118441582-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
7024
date
Sat, 28 Aug 2021 19:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 28 Aug 2021 21:32:19 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=890761786&t=pageview&_s=1&dl=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F&ul=en-us&de=UTF-8&dt=Square&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=549067610&gjid=718549119&cid=483066429.1630186164&tid=UA-118441582-1&_gid=888183665.1630186164&_r=1&gtm=2ou8p0&z=517750277
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 28 Aug 2021 21:29:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://squareup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
LogView
squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/ 		2 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://squareup.com/services/squareup.invoice.frontend.InvoiceFrontendService/LogView
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb8da7eb5b1b399e7321179dac9e9f65773d7331e1e30554e3911e4325e1ef19
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-fetch-mode
cors
origin
https://squareup.com
accept-encoding
gzip, deflate, br
x-csrf-token
undefined
accept-language
en-US
sec-fetch-dest
empty
cookie
squareGeo=DE-BE; _savt=8b78cc97-bcfa-4885-94b1-11c9dc0c5116; _ga=GA1.2.483066429.1630186164; _gid=GA1.2.888183665.1630186164; _gat_gtag_UA_118441582_1=1
content-length
38
:path
/services/squareup.invoice.frontend.InvoiceFrontendService/LogView
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf
accept
application/x-protobuf
cache-control
no-cache
:authority
squareup.com
referer
https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
:scheme
https
sec-fetch-site
same-origin
:method
POST
accept
application/x-protobuf
Referer
https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
x-csrf-token
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-protobuf

Response headers

strict-transport-security
max-age=631152000; includeSubDomains; preload
via
1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-cache
MISS
content-transfer-encoding
binary
content-disposition
inline
x-square
S=apa1207.sjc2b.square
x-request-id
0baa3cad-c751-49ad-a050-dc0ff16528c4
x-served-by
cache-hhn4030-HHN
referrer-policy
strict-origin-when-cross-origin
x-timer
S1630186165.504882,VS0,VE272
etag
W/"fb8da7eb5b1b399e7321179dac9e9f65"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/x-protobuf
x-xss-protection
1; mode=block
cache-control
private
set-cookie
squareGeo=DE-BE; path=/; SameSite=Strict; Secure; max-age=2419200
accept-ranges
bytes
date
Sat, 28 Aug 2021 21:29:24 GMT
x-cache-hits
0
main-iframe.html
web.squarecdn.com/1.10.0/ Frame CFF8 		272 KB
67 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09f6b6ff98dc14e11eefaab855cbd2ae6f7782207f00d2a569c8e5990695381d

Request headers

:method
GET
:authority
web.squarecdn.com
:scheme
https
:path
/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-max-age
300
last-modified
Mon, 23 Aug 2021 19:39:17 GMT
x-amz-meta-websdk-version
1.10.0
x-amz-version-id
cFXuyN7P1Tzlkgmy0PoIay15bX45f_bq
server
AmazonS3
content-encoding
gzip
date
Sat, 28 Aug 2021 03:59:48 GMT
cache-control
public, max-age=300
etag
W/"3f57e302192d022fff3c61e1f3f1d501"
x-cache
Hit from cloudfront
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
w8SEC263tIzQMCuGukkWR7GIuDzssTnKVfC5j2XaWjjQa0wAMKhT1g==
age
62977
sqmarket-medium.woff
dl6rt3mwcjzxg.cloudfront.net/assets/sqmarket/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl6rt3mwcjzxg.cloudfront.net/assets/sqmarket/sqmarket-medium.woff
Requested by
Host: invoice-frontend-production-f.squarecdn.com
URL: https://invoice-frontend-production-f.squarecdn.com/assets/styles/clinton-c7f65054fa7ff58196da3fb8d199c85d.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-60.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c21de5d72e7f034a98612525e4718c3cd06192c7aa5ca9993ed378a86325738

Request headers

Origin
https://squareup.com
Referer
https://invoice-frontend-production-f.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 27 Aug 2021 08:57:26 GMT
Via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
Age
131519
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
43576
Last-Modified
Fri, 10 May 2013 00:48:12 GMT
Server
AmazonS3
ETag
"c64563fa4880c7ef6488f3bb459d61b6"
Vary
Origin
Access-Control-Allow-Methods
GET
x-amz-version-id
null
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31557600
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Type
application/font-woff
X-Amz-Cf-Id
TdBNgj7zwssMVup7kN1FgoRzF8QWYBKavNkqVT7xNIrIIFsFZRRH6w==
Expires
Sat, 10 May 2014 06:48:11 GMT
original.jpeg
images.squareup.com/JEcJP6sMDD92_opjywE4Ct2-auk=/128x128/https://d1g145x70srn7h.cloudfront.net/files/377d75f98922ea2660f08de480687ec4cd8682d4/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squareup.com/JEcJP6sMDD92_opjywE4Ct2-auk=/128x128/https://d1g145x70srn7h.cloudfront.net/files/377d75f98922ea2660f08de480687ec4cd8682d4/original.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.68 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
10b24078ea3c56f5cbbb466a36cdd3612492e4dc647bca980fb9a587f43bb960
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
etag
"12dc8cf6416cd5d966854e8ffd094612e941d0b0"
strict-transport-security
max-age=631152000; includeSubDomains; preload
content-type
image/jpeg
cache-control
max-age=2592000,public
content-length
7308
x-square
S=awa562.sjc2b.square
expires
Mon, 27 Sep 2021 21:29:25 GMT
pixel_tracking
api.squareup.com/2.0/log/ 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.squareup.com/2.0/log/pixel_tracking?app_name=invoice-fe&u_library_name=js%2Feventstream&u_library_version=2.4.2&webpage_path=%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F&webpage_referrer=&webpage_title=&webpage_search=&webpage_full_url=https%3A%2F%2Fsquareup.com%2F%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F&webpage_base_url=https%3A%2F%2Fsquareup.com&browser_name=Chrome&browser_version=92.0.4515.159&browser_major_version=92&os_name=Windows&os_version=10&device_screen_height=1200&device_screen_width=1600&browser_height=1200&browser_width=1600&catalog_name=page_view&page_view_description=Invoices%3A%20Pay%20Page&subject_anonymous_token=8b78cc97-bcfa-4885-94b1-11c9dc0c5116&nocache=16301861645901
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.133 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
api.iad1.squareup.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
frame-options
DENY
x-frame-options
DENY
content-type
image/gif
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
content-length
56
x-xss-protection
1; mode=block
pixel_tracking
api.squareup.com/2.0/log/ 		43 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.squareup.com/2.0/log/pixel_tracking?app_name=invoice-fe&u_library_name=js%2Feventstream&u_library_version=2.4.2&webpage_path=%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F&webpage_referrer=&webpage_title=&webpage_search=&webpage_full_url=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F&webpage_base_url=https%3A%2F%2Fsquareup.com&browser_name=Chrome&browser_version=92.0.4515.159&browser_major_version=92&os_name=Windows&os_version=10&device_screen_height=1200&device_screen_width=1600&browser_height=1200&browser_width=1600&catalog_name=page_load_time&page_load_time_application_render_timestamp=1630186164586&page_load_time_navigation_start=1630186161539&page_load_time_fetch_start=1630186162311&page_load_time_domain_lookup_start=1630186162312&page_load_time_domain_lookup_end=1630186162318&page_load_time_connect_start=1630186162318&page_load_time_connect_end=1630186162335&page_load_time_secure_connection_start=1630186162324&page_load_time_request_start=1630186162335&page_load_time_response_start=1630186162936&page_load_time_response_end=1630186162937&page_load_time_dom_loading=1630186162940&page_load_time_dom_interactive=1630186163881&page_load_time_dom_content_loaded_event_start=1630186163881&page_load_time_dom_content_loaded_event_end=1630186163881&page_load_time_dom_complete=1630186163988&page_load_time_load_event_start=1630186163988&page_load_time_load_event_end=1630186163989&subject_anonymous_token=8b78cc97-bcfa-4885-94b1-11c9dc0c5116&nocache=16301861646172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.189.133 Ashburn, United States, ASN15211 (SQUARE, US),
Reverse DNS
api.iad1.squareup.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
frame-options
DENY
x-frame-options
DENY
content-type
image/gif
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Accept-Encoding, User-Agent
content-length
56
x-xss-protection
1; mode=block
hydrate
pci-connect.squareup.com/payments/ Frame CFF8 		815 B
741 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com&locationId=EV0G3ECSSSTMP
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
f1d006530d459ce5890f74109fc45173a5335473e074ee73898f84389808ca09
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-07-12
x-speleo-traceid
QHNNPMTKMbGKa
vary
Origin, Accept-Encoding
content-length
471
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
hydrate
pci-connect.squareup.com/payments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com&locationId=EV0G3ECSSSTMP
Protocol
H2
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://web.squarecdn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
https://web.squarecdn.com
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
date
Sat, 28 Aug 2021 21:29:25 GMT
content-length
0
strict-transport-security
max-age=631152000; includeSubDomains; preload
data.js
js.squareup.com/payments/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.squareup.com/payments/data.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
15f38dff609e3564822c3a57359244baf2ddde0eac729f0ccc699f5b7909d765
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
pay.js
pay.google.com/gp/p/js/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7b2925e0047244e8725c503e5e7c42cedbee9baa9c57916680312f9a9041f82e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L8N67sWKYkJduZr9fWfXcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-L8N67sWKYkJduZr9fWfXcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-L8N67sWKYkJduZr9fWfXcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-L8N67sWKYkJduZr9fWfXcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
single-card-element-iframe.html
web.squarecdn.com/1.10.0/ Frame 754D 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.10.0/single-card-element-iframe.html
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d325ad5097d79a4ca85ab353303f46188fb6df5d0eb518d02f3ad7b6abe1f025

Request headers

:method
GET
:authority
web.squarecdn.com
:scheme
https
:path
/1.10.0/single-card-element-iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html
date
Sat, 28 Aug 2021 03:15:29 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-max-age
300
last-modified
Mon, 23 Aug 2021 19:39:17 GMT
etag
W/"eaaf3b62c063f3550aaae7792ce8b3b1"
cache-control
public, max-age=300
x-amz-meta-websdk-version
1.10.0
x-amz-version-id
JPEBY4Aob5wVV73hLl2MCXEoAyYZSTb6
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
umg3-9XQJjJF0EUn_cNayZMT_xx1ZkzJVren820BagjLd4IyCGgcog==
age
65636
token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame CFF8 		251 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/digital-wallets/google-pay/token
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
eab40a05004ade6fec6e4a68b5996ec72912e94d98c6c171222b78e5850d6428
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept
application/json
Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json; charset=utf-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-07-12
x-speleo-traceid
JCSXcJYShPQNc
vary
Origin, Accept-Encoding
content-length
238
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://web.squarecdn.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/digital-wallets/google-pay/token
Protocol
H2
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://web.squarecdn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
date
Sat, 28 Aug 2021 21:29:25 GMT
content-length
0
strict-transport-security
max-age=631152000; includeSubDomains; preload
card-wrapper.css
web.squarecdn.com/1.10.0/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web.squarecdn.com/1.10.0/card-wrapper.css
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:de00:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b69e50388b6b9061cf69b5f7816474cac9d173f8904e17cfadd96433d748c087

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
pkMCGQtFt9EfIF1cnxIy3o05eoQWDfy.
content-encoding
gzip
etag
W/"fee8c675780f4bbbce9dfa5fe937dcfb"
age
59576
x-cache
Hit from cloudfront
x-amz-meta-websdk-version
1.10.0
access-control-allow-origin
*
last-modified
Mon, 23 Aug 2021 19:39:17 GMT
server
AmazonS3
date
Sat, 28 Aug 2021 04:56:30 GMT
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1qQkeNofDzunu9g5yIsLYLpfBYkuHF7hkzUfZjcxtkQtYsUYbqD5Fg==
sqmarket-regular.woff2
d1g145x70srn7h.cloudfront.net/fonts/sqmarket/ Frame 754D 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1g145x70srn7h.cloudfront.net/fonts/sqmarket/sqmarket-regular.woff2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/single-card-element-iframe.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7

Request headers

Origin
https://web.squarecdn.com
Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 28 Aug 2021 04:52:43 GMT
Via
1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Age
59803
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
29044
Last-Modified
Mon, 24 Aug 2015 16:41:41 GMT
Server
AmazonS3
ETag
"84eba500a4ec29ccfadf1e9bff16b67f"
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
x-amz-version-id
CcLixdUV9eg1iOIXvMg.HaT5aV.S.lWh
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
application/octet-stream
X-Amz-Cf-Id
IZuOPieg1pTG9HZsT9TVD83L-n9QNJL2PU8r4Dh48ErnI-EkasawdA==
payframe
pay.google.com/gp/p/ui/ Frame D66F 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc1f499ac3f58c92b21c0160411819f5fe7cb152893dd0e4f9c879fe04ba93be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-bYZdXxVO5VHKe6Gdd5EAvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-bYZdXxVO5VHKe6Gdd5EAvg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Z5zGZTXr_iMDA7MQThbLZjeTJVmfRzIyJOu_75BG1alrNy3mWO2yUJ3wSNox1s-Lx0mvtuNhYlEHXb-8gygZ9dxd_JKJ70gb8iclKZY4hJBqJq2qWUdOIvat5JcS01EspbO2aYJ8sCQhzYe5V_-1gos-sZ0_YuKOBh49eCrW7Ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
expires
Sat, 28 Aug 2021 21:29:25 GMT
date
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-bYZdXxVO5VHKe6Gdd5EAvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-bYZdXxVO5VHKe6Gdd5EAvg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
cross-origin-opener-policy
same-origin
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v2
pci-connect.squareup.com/payments/mtx/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://squareup.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
v2
pci-connect.squareup.com/payments/mtx/ Frame CFF8 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.10.0/main-iframe.html?applicationId=sq0idp-Cf85mt46wI4zaxvAs2xIyw&hostname=squareup.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://web.squarecdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://web.squarecdn.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block
frame.html
connect.squareup.com/payments/data/ Frame 7C0A 		31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.68 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
ea5b918eb3b878586339e053bd4a9a8cef1fac226988db5c5102c43692b32053
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
connect.squareup.com
:scheme
https
:path
/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_savt=8b78cc97-bcfa-4885-94b1-11c9dc0c5116; _ga=GA1.2.483066429.1630186164; _gid=GA1.2.888183665.1630186164; _gat_gtag_UA_118441582_1=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://squareup.com/1.0/as-reporter/csp/H1RIu78lArbEkNnMnJ_Dc3rlPQ8hFsEvQGLIzjtY
content-type
text/html
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
date
Sat, 28 Aug 2021 21:29:25 GMT
strict-transport-security
max-age=631152000; includeSubDomains; preload
/
nd.squarecdn.com/2.2/w/w-952168/sync/js/ 		284 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nd.squarecdn.com/2.2/w/w-952168/sync/js/
Requested by
Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.176.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab3378e3025098c17.awsglobalaccelerator.com
Software
nginx /
Resource Hash
d6b61b204705f065f9c832cfb5b55a84f2b282f6915a8003edb6613e46ed0432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nds-datacontractrequirement1
Placement, No matching URL placement for w-952168 at https://squareup.com/.
date
Sat, 28 Aug 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff, nosniff
x-nds-datacontractrequirement2
Placement, Placement page number has not been detected.
server
nginx
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-nds-datacontractrequirement0
Placement, Placement page has not been detected.
strict-transport-security
max-age=31536000; includeSubDomains;, max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-xss-protection
1; mode=block, 1; mode=block
css
fonts.googleapis.com/ 		2 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:500
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bcd384bf571d778f6db41260662a2cd9f3afe1b491d5905f37f290cdb4efae4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 28 Aug 2021 21:28:29 GMT
server
ESF
date
Sat, 28 Aug 2021 21:29:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Aug 2021 21:29:25 GMT
generate_gpay_btn_img
pay.google.com/gp/p/ Frame 15AD 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e80178302eb6e5b86024f11fd31427726e29a2abb7396fabc39d563519be86b6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-lz/5NNB3QKSppxjAJEW/Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'nonce-lz/5NNB3QKSppxjAJEW/Jg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pay.google.com
:scheme
https
:path
/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://squareup.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Z5zGZTXr_iMDA7MQThbLZjeTJVmfRzIyJOu_75BG1alrNy3mWO2yUJ3wSNox1s-Lx0mvtuNhYlEHXb-8gygZ9dxd_JKJ70gb8iclKZY4hJBqJq2qWUdOIvat5JcS01EspbO2aYJ8sCQhzYe5V_-1gos-sZ0_YuKOBh49eCrW7Ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://squareup.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 28 Aug 2021 21:29:25 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
same-site
cross-origin-opener-policy
same-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-lz/5NNB3QKSppxjAJEW/Jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'nonce-lz/5NNB3QKSppxjAJEW/Jg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 		149 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 13:00:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
116961
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
expires
Sat, 27 Aug 2022 13:00:04 GMT
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Requested by
Host: squareup.com
URL: https://squareup.com/pay-invoice/inv:0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 20:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
348835
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
928
x-xss-protection
0
expires
Wed, 24 Aug 2022 20:35:30 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJ... Frame D66F 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fsquareup.com&mid=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
011bb584fa3ca8b3458fc8052d28f77d452c17e9f2536ca4abeb9dba4d1ba9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 06:52:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52176
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 01:23:27 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 06:52:21 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://squareup.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 24 Aug 2021 22:35:34 GMT
x-content-type-options
nosniff
age
341631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Aug 2022 22:35:34 GMT
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-k... Frame D66F 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-kOYsu9_jY.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjTWgOs7qpKD8Hpgg3AKRtnpzV6jg/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
551076e7b6b427c0243b910b4729383d9055d79479482794b2a84197c22fea14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 14:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13279
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 14:16:32 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-k... Frame D66F 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-kOYsu9_jY.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjTWgOs7qpKD8Hpgg3AKRtnpzV6jg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3da8ea42badf556ed67aa93ad4e5e673e68a5dcd5292e70097af6a358713455d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 16:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26805
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 16:18:44 GMT
analytics.js
www.google-analytics.com/ Frame D66F 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-kOYsu9_jY.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjTWgOs7qpKD8Hpgg3AKRtnpzV6jg/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
7026
date
Sat, 28 Aug 2021 19:32:19 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 28 Aug 2021 21:32:19 GMT
pay
pay.google.com/gp/p/ui/ Frame D66F 		1 MB
341 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ddd59a8a011b2b2de9bb2ec052bb5adb06918ed0e365f9e6decc6bd804fef2e4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-arLiU5wQ4RLyESa2+Dh4/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-arLiU5wQ4RLyESa2+Dh4/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Sat, 28 Aug 2021 21:29:25 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-arLiU5wQ4RLyESa2+Dh4/A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-arLiU5wQ4RLyESa2+Dh4/A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Sat, 28 Aug 2021 21:29:25 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/w... Frame 15AD 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrhPKQZIvc679XuVoT58ObzlymWDAQ/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34283eea05a36ee469b7c39c787c3f7fb2ce2d07e076447775cf98ec5f1eb213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 09:38:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52102
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 01:23:27 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 09:38:29 GMT
en.svg
www.gstatic.com/instantbuy/svg/dark/ Frame 15AD 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark/en.svg
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce527fafef4b207a04a9a69a1b016429ac94b16d6289db2ca5175b9cbf357d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 10:03:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
41148
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
expires
Sun, 28 Aug 2022 10:03:37 GMT
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-goog-authuser
Origin
https://pay.google.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://pay.google.com
access-control-allow-methods
GET, POST, OPTIONS
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
content-type
text/plain; charset=UTF-8
date
Sat, 28 Aug 2021 21:29:25 GMT
server
Playlog
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 28 Aug 2021 21:29:25 GMT
cache-control
private
m=byfTOb,lsjVmc,LEikZe
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.B... Frame 15AD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.BG4aR00qkTU.L.B1.O/am=AoA/d=1/exm=_b,_tp/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrhT9P3UmyabMphBdO0o03g6IB1fEA/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrhPKQZIvc679XuVoT58ObzlymWDAQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc1b2eb3d5997e57d93ba9fd75fa1f2325422e3cdc0b6be0ad4a588d1d56a6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13266
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 19:37:48 GMT
m=Wt6vjf,_latency,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-k... Frame D66F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-kOYsu9_jY.L.B1.O/am=AoA/d=1/exm=Das5Le,IZT63,LEikZe,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjTWgOs7qpKD8Hpgg3AKRtnpzV6jg/m=Wt6vjf,_latency,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c9651d7db14c6d53cfe8b654aec2d0d240a0a65954d8420fe23175260bd702b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 08:42:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7313
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 08:42:02 GMT
m=lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-k... Frame D66F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q-kOYsu9_jY.L.B1.O/am=AoA/d=1/exm=Das5Le,FCpbqb,IZT63,LEikZe,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_latency,_tp,byfTOb,hc6Ubd,lsjVmc,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/rs=AMitfrjTWgOs7qpKD8Hpgg3AKRtnpzV6jg/m=lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5fbd29b61d48de4fb21c6f3ef5cc87f82f631e5680d863f809b1391b6cedbbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 13:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3344
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 13:04:10 GMT
log
play.google.com/ Frame D66F 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.Vk1zicu1bBk.es5.O/am=AoA/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgsaJCsJl4AfSYQfiPixEbuuTmP5w/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
m=Wt6vjf,_latency,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.B... Frame 15AD 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.BG4aR00qkTU.L.B1.O/am=AoA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrhT9P3UmyabMphBdO0o03g6IB1fEA/m=Wt6vjf,_latency,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrhPKQZIvc679XuVoT58ObzlymWDAQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
956417ab5d3a89e9169cb46b350fd5f797185baad8e11cbd16fc88898fbbb09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14359
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 19:37:48 GMT
m=lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.B... Frame 15AD 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.BG4aR00qkTU.L.B1.O/am=AoA/d=1/exm=FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_latency,_tp,byfTOb,lsjVmc,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/rs=AMitfrhT9P3UmyabMphBdO0o03g6IB1fEA/m=lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrhPKQZIvc679XuVoT58ObzlymWDAQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
649ac9976a970c7dce0393cf8765208a4bbbe39fe9321d52f51d0559c3a6b0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 19:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3533
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 21:24:03 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Aug 2022 19:37:48 GMT
log
play.google.com/ Frame 15AD 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.dCJ8U_aSZjQ.es5.O/am=AoA/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/rs=AMitfrhPKQZIvc679XuVoT58ObzlymWDAQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 28 Aug 2021 21:29:25 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 28 Aug 2021 21:29:25 GMT
token
connect.squareup.com/v2/analytics/ Frame 7C0A 		108 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.squareup.com/v2/analytics/token
Requested by
Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.68 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
f3be42287a46b8e1621dd04aa421f6018c596b8cc0a2810b4faf02049e2bbe9b
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fsquareup.com%2Fpay-invoice%2Finv%3A0-ChCu7RGcM9E5Wyr7wy7XeiRMEMUI%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 28 Aug 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
square-version
2018-07-12
x-speleo-traceid
EMjMhZKhPkjbG
vary
Origin, Accept-Encoding
content-length
125
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=631152000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://connect.squareup.com
x-permitted-cross-domain-policies
none
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies
/
nd.squarecdn.com/2.2/w/w-952168/init/js/ 		482 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nd.squarecdn.com/2.2/w/w-952168/init/js/?q=%7B%22e%22%3A253606%2C%22oq%22%3A%221600%3A1200%3A1600%3A1200%3A1600%3A1200%22%2C%22wfi%22%3A%22flap-151081%22%2C%22yf%22%3A%7B%7D%2C%22uers%22%3A%22uggcf%3A%2F%2Ffdhnerhc.pbz%2Fcnl-vaibvpr%2Fvai%3A0-PuPh7ETpZ9R5Jle7jl7KrvEZRZHV%2F%22%2C%22ov%22%3A%22o2%7C1600k1200%201600k1200%2024%2024%7C-60%7Cra-HF%7Coc1-700%7Csnyfr%7C%7CZbmvyyn%2F5.0%20(Jvaqbjf%20AG%2010.0%3B%20Jva64%3B%20k64)%20NccyrJroXvg%2F537.36%20(XUGZY%2C%20yvxr%20Trpxb)%20Puebzr%2F92.0.4515.159%20Fnsnev%2F537.36%7CAbg%20Fhccbegrq%22%7D
Requested by
Host: nd.squarecdn.com
URL: https://nd.squarecdn.com/2.2/w/w-952168/sync/js/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.176.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ab3378e3025098c17.awsglobalaccelerator.com
Software
nginx /
Resource Hash
6aa92c8477fdff6324d04cb7ab13d867d96e2fa148d190fd5d22a2bb40d57148
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 28 Aug 2021 21:29:26 GMT
x-content-type-options
nosniff, nosniff
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains;
content-length
482
x-xss-protection
1; mode=block
v2
pci-connect.squareup.com/payments/mtx/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pci-connect.squareup.com/payments/mtx/v2
Requested by
Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.122.190.85 , United States, ASN15211 (SQUARE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://squareup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 28 Aug 2021 21:29:26 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
access-control-allow-headers
Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://squareup.com
access-control-allow-credentials
true
strict-transport-security
max-age=631152000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| __core-js_shared__ object| core function| SqPaymentForm object| __SENTRY__ object| Square function| gtag object| dataLayer object| IntlPolyfill function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| LanguageDetector function| PreloadScreen object| preloadScreen boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray boolean| preferNative function| _typeof undefined| __ember_auto_import__ function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf object| EmberENV function| moment function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| mainContext object| Ember object| Em undefined| Raven object| protobufjs object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| a object| b object| c string| d object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| google object| ndsapi string| ndjsStaticVersion function| nsbopifkzi object| nslyyidtyi object| nslgf boolean| nsdwhx number| nsviymjoy number| nsbopifk object| nsbopi function| nslyyidty object| nsgukk object| nscav object| nsgukkebk object| nsviymjoyg object| nslyyidt boolean| nsfkgjo string| nscavjy object| nds object| nscavj function| nslgfnpyxj function| nsviymjo number| numQueries function| validateSessionIdCookie object| returned string| version string| nslyyid string| nsdwhxu function| nslgfn function| nslgfnpyx function| nscavjyd string| nsviym function| nsfkg function| nsfkgjoqrf string| nsviy string| nsfkgjoq string| nsdwhxurq string| nsfkgjoqr object| nsdwhxur function| nslyy function| nsbop object| nsfkgj function| nsdwhxurqd function| nslgfnpy function| nsviymj function| nslgfnp function| nsdwh function| nsguk function| nsbopif function| nscavjydj function| ndwti function| nsbopifkz function| nsgukkeb function| nsgukkebkh function| nscavjydje function| nsnfwm function| nsgvvln function| nslyrfuyoh function| nslyrfuyo function| nswwaawej function| nsiievbab function| nsyivzxe function| nswwaawe function| nsgvv function| ndwts function| nsyivz function| nsyfqpwtn function| nsnfw function| HashUtil function| nsnemt function| nsgvvlnu function| nsyfq function| nsgvvlnuks function| nsyfqpwtna function| nsgvvl object| nsgukke function| nswwa function| ndoGetObjectKeys boolean| nslyyi function| nsnfwmipk function| nslyrfu function| nsqvjs function| nsdkfgxenr function| nsmioi function| nsdkfg function| ThreeDS2Service function| ChallengeParameters object| ThreeDS

5 Cookies

Domain/Path Name / Value
.squareup.com/ Name: _ga
Value: GA1.2.483066429.1630186164
.squareup.com/ Name: _savt
Value: 8b78cc97-bcfa-4885-94b1-11c9dc0c5116
.squareup.com/ Name: _gat_gtag_UA_118441582_1
Value: 1
.squareup.com/ Name: _gid
Value: GA1.2.888183665.1630186164
squareup.com/ Name: squareGeo
Value: DE-BE

2 Console Messages

Source Level URL
Text
console-api debug URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js(Line 5648)
Message:
ES2 Event [object Object]
console-api debug URL: https://invoice-frontend-production-f.squarecdn.com/assets/vendor-c0a3b3789a118ee4565a23143223427c.js(Line 5648)
Message:
ES2 Event [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=631152000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.squareup.com
connect.squareup.com
d1g145x70srn7h.cloudfront.net
dl6rt3mwcjzxg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
images.squareup.com
invoice-frontend-production-f.squarecdn.com
js.squareup.com
nd.squarecdn.com
pay.google.com
pci-connect.squareup.com
play.google.com
squareup.com
wcssssxs.r.us-west-2.awstrack.me
web.squarecdn.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
13.224.96.60
143.204.98.71
151.101.13.49
151.101.193.49
2600:9000:2156:de00:13:4005:e4c0:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c0b::5c
52.38.88.225
74.122.189.133
74.122.190.68
74.122.190.85
99.83.176.153
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
011bb584fa3ca8b3458fc8052d28f77d452c17e9f2536ca4abeb9dba4d1ba9a9
09f6b6ff98dc14e11eefaab855cbd2ae6f7782207f00d2a569c8e5990695381d
10b24078ea3c56f5cbbb466a36cdd3612492e4dc647bca980fb9a587f43bb960
1245e389a55a8c3b1b7762dd9b6d92ae09f575c0ac77925f7af190d874b04c12
15f38dff609e3564822c3a57359244baf2ddde0eac729f0ccc699f5b7909d765
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1dd21fcd4cb667e8609e0044091df3b7a1a8bb6108aa8ed9e76940bc331f6cc8
1fbd9205596cd9c4fae3017cfbcd22394138c8253415926fbc7ba060227ca35a
229ec17324b239127841118369b6ba49cb6acbc054be11dd6b27e68c115565c7
2dc807ac569dc6c1b8e3769e4702ec99032b57e8745161e0c603e3de63a3d92b
34283eea05a36ee469b7c39c787c3f7fb2ce2d07e076447775cf98ec5f1eb213
395eb87ca4ab1fba8cccc7b7aba3c35754d2429d287128dee9281d191c49ce32
3c21de5d72e7f034a98612525e4718c3cd06192c7aa5ca9993ed378a86325738
3d1777861ce46fe973eca93898a963d05ec97a6022dac22e20ccfe7d75a6cb90
3da8ea42badf556ed67aa93ad4e5e673e68a5dcd5292e70097af6a358713455d
4cc58116c96c356881f7d2aaf68215d18ec3f583486fa3e4c25b56f3fc06bacb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2158fad11f0c3cea49561e18953e14c573a87d9b365e70acf6697fc90041a3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5281b4c1f5c2381c845d65e1040c32aee00266f38125fffb5401224134e7cdb7
551076e7b6b427c0243b910b4729383d9055d79479482794b2a84197c22fea14
5c9651d7db14c6d53cfe8b654aec2d0d240a0a65954d8420fe23175260bd702b
649ac9976a970c7dce0393cf8765208a4bbbe39fe9321d52f51d0559c3a6b0ea
6aa92c8477fdff6324d04cb7ab13d867d96e2fa148d190fd5d22a2bb40d57148
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71f21c5270b3632c61ca8bfdc02e5f40201ec17a284dc8c9e446565756ed3b51
77c2e42d42a15c3d7eca6751c19a048904ceb6031a46c63b263507337751b03c
7b2925e0047244e8725c503e5e7c42cedbee9baa9c57916680312f9a9041f82e
872ec2095f32e3b178d26ef41f302765414919e49a097fd24430a40481d2981e
924fdd63a0ad04c23bff8f8ea428daab48d4bdc133e0c5b97c3dc1cb86feeeea
937fb2c7998645ab86f885f9d89d67692b61a6e81b360b3ca9bfc1828a3f6b76
956417ab5d3a89e9169cb46b350fd5f797185baad8e11cbd16fc88898fbbb09e
99aa41ddd98912ea325a7dbfc0d4d36f8969258ff616cc1ddc9a42e27f9e380a
a5d4d3d96ea4d5f528b3ab87a30644763579970d28eade203ec3635c35561fd7
b69e50388b6b9061cf69b5f7816474cac9d173f8904e17cfadd96433d748c087
bc1b2eb3d5997e57d93ba9fd75fa1f2325422e3cdc0b6be0ad4a588d1d56a6e2
bc1f499ac3f58c92b21c0160411819f5fe7cb152893dd0e4f9c879fe04ba93be
bcd384bf571d778f6db41260662a2cd9f3afe1b491d5905f37f290cdb4efae4b
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
c0e12af487b1dbea88322f3a67504be9e5f8734f7ebe069e8a719cb8dcd59d8c
c371625e09750acf24d4362e9dcab026ac8edc1890e43e06cc081f11c5b7faff
ce527fafef4b207a04a9a69a1b016429ac94b16d6289db2ca5175b9cbf357d0f
d325ad5097d79a4ca85ab353303f46188fb6df5d0eb518d02f3ad7b6abe1f025
d6b61b204705f065f9c832cfb5b55a84f2b282f6915a8003edb6613e46ed0432
d821f6cc288a061d009f64f53e24908fe006c3307dff1410a516ee8edf1a91cd
d964f5084cc7b238b22a616d0abe1b13ed3c1a3c53761667d9c5e7fe241dfcda
ddd59a8a011b2b2de9bb2ec052bb5adb06918ed0e365f9e6decc6bd804fef2e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80178302eb6e5b86024f11fd31427726e29a2abb7396fabc39d563519be86b6
ea5b918eb3b878586339e053bd4a9a8cef1fac226988db5c5102c43692b32053
eab40a05004ade6fec6e4a68b5996ec72912e94d98c6c171222b78e5850d6428
eda6f7f1f9691bec0b6a4efa87c38c53e2692ffe1d9e3059f1d4883183468ba9
f1d006530d459ce5890f74109fc45173a5335473e074ee73898f84389808ca09
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f3be42287a46b8e1621dd04aa421f6018c596b8cc0a2810b4faf02049e2bbe9b
f5fbd29b61d48de4fb21c6f3ef5cc87f82f631e5680d863f809b1391b6cedbbb
fb8da7eb5b1b399e7321179dac9e9f65773d7331e1e30554e3911e4325e1ef19
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62