www.jotform.com Open in urlscan Pro
2606:4700:11::6817:860b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.jotform.com/232115333119142
Submission: On August 25 via manual (August 25th 2023, 6:52:53 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 14 domains to perform 128 HTTP transactions. The main IP is 2606:4700:11::6817:860b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.jotform.com. The Cisco Umbrella rank of the primary domain is 24916.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2023. Valid for: a year.

This is the only time www.jotform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 8	2606:4700:11:... 2606:4700:11::6817:860b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2606:4700:10:... 2606:4700:10::6816:4851	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
4	2606:4700:10:... 2606:4700:10::6816:4951	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::ac43:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	35.190.41.132 35.190.41.132	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
4	35.201.118.58 35.201.118.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:9000:223... 2600:9000:223d:3800:13:4005:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:20:... 2606:4700:20::681a:5e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
9	162.159.140.47 162.159.140.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.0.47 172.66.0.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:26d... 2600:9000:26da:d400:1d:940e:c980:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c04::5c	15169 (GOOGLE) (GOOGLE)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
11	162.159.137.66 162.159.137.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	2600:1f18:24e... 2600:1f18:24e6:b902:c043:5d8:f69c:85d	14618 (AMAZON-AES) (AMAZON-AES)
2	162.159.140.44 162.159.140.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
128	26

8 2606:4700:11::6817:860b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:10::6816:4851 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn01.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4951 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn02.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:76b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn03.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.41.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.41.190.35.bc.googleusercontent.com

files.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.118.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.118.201.35.bc.googleusercontent.com

submit.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:3800:13:4005:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:5e1 (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.jotform.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.159.140.47 (None, )

ASN13335 (CLOUDFLARENET, US)

pci-connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.47 (United States)

ASN13335 (CLOUDFLARENET, US)

js.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26da:d400:1d:940e:c980:93a1 (United States)

ASN16509 (AMAZON-02, US)

kit.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c04::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 162.159.137.66 (None, )

ASN13335 (CLOUDFLARENET, US)

api.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

api.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:c043:5d8:f69c:85d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

csp-report.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.140.44 (None, )

ASN13335 (CLOUDFLARENET, US)

pay.cash.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	jotfor.ms cdn.jotfor.ms — Cisco Umbrella Rank: 19353 cdn02.jotfor.ms — Cisco Umbrella Rank: 23004 cdn03.jotfor.ms — Cisco Umbrella Rank: 23123 cdn01.jotfor.ms — Cisco Umbrella Rank: 22640	1001 KB
21	squareup.com pci-connect.squareup.com — Cisco Umbrella Rank: 43171 js.squareup.com — Cisco Umbrella Rank: 43684 api.squareup.com — Cisco Umbrella Rank: 16542 connect.squareup.com — Cisco Umbrella Rank: 36107	42 KB
16	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2907 play.google.com — Cisco Umbrella Rank: 44	451 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	759 KB
14	jotform.com 2 redirects www.jotform.com — Cisco Umbrella Rank: 24916 files.jotform.com — Cisco Umbrella Rank: 31221 submit.jotform.com — Cisco Umbrella Rank: 54202 events.jotform.com — Cisco Umbrella Rank: 22941	2 MB
9	cash.app kit.cash.app — Cisco Umbrella Rank: 190582 api.cash.app — Cisco Umbrella Rank: 377659 pay.cash.app — Cisco Umbrella Rank: 187529	136 KB
7	jotform.io widgets.jotform.io — Cisco Umbrella Rank: 58034	55 KB
4	squarecdn.com web.squarecdn.com — Cisco Umbrella Rank: 26728	196 KB
2	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 4289	183 B
1	browser-intake-datadoghq.com csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 25575
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 736	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4924	17 KB
128	14

	Domain	Requested by
24	cdn.jotfor.ms	www.jotform.com cdn.jotfor.ms widgets.jotform.io
11	api.squareup.com
10	www.gstatic.com	www.google.com www.gstatic.com pay.google.com
8	play.google.com	www.gstatic.com
7	pci-connect.squareup.com	web.squarecdn.com
7	widgets.jotform.io	www.jotform.com widgets.jotform.io
7	www.jotform.com	2 redirects www.jotform.com cdn03.jotfor.ms web.squarecdn.com
6	cdn01.jotfor.ms	www.jotform.com
4	api.cash.app	kit.cash.app
4	pay.google.com	web.squarecdn.com pay.google.com www.jotform.com www.gstatic.com
4	web.squarecdn.com	cdn03.jotfor.ms web.squarecdn.com
4	submit.jotform.com	cdn02.jotfor.ms
4	fonts.gstatic.com	fonts.googleapis.com www.google.com
4	www.google.com	www.jotform.com www.gstatic.com www.google.com
4	cdn03.jotfor.ms	www.jotform.com
4	cdn02.jotfor.ms	www.jotform.com
3	kit.cash.app	web.squarecdn.com kit.cash.app
2	pay.cash.app	kit.cash.app
2	connect.squareup.com	js.squareup.com connect.squareup.com
2	api.lab.amplitude.com	web.squarecdn.com
2	files.jotform.com	cdn.jotfor.ms www.jotform.com
1	csp-report.browser-intake-datadoghq.com	www.jotform.com
1	js.squareup.com	web.squarecdn.com
1	code.jquery.com	widgets.jotform.io
1	events.jotform.com	www.jotform.com
1	fonts.googleapis.com	cdn.jotfor.ms
1	cdnjs.cloudflare.com	www.jotform.com
1	browser.sentry-cdn.com	www.jotform.com
128	28

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-09` - `2024-05-08`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-10` - `2023-10-20`	9 months	crt.sh
web.squarecdn.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
api.squareup.com Entrust Certification Authority - L1K	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
js.squareup.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-01`	a year	crt.sh
kit.cash.app Amazon RSA 2048 M01	`2023-02-24` - `2024-02-10`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-25` - `2024-03-28`	a year	crt.sh
connect.squareup.com Cloudflare Inc ECC CA-3	`2023-02-22` - `2024-02-21`	a year	crt.sh
api.cash.app R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
pay.cash.app Cloudflare Inc ECC CA-3	`2023-04-25` - `2024-04-23`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.jotform.com/232115333119142
Frame ID: 7AD86464ADBCA1FF58DD3793C554E218
Requests: 70 HTTP requests in this frame

Frame: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
Frame ID: D49BCF2483789B5395C4C02D4CB98A49
Requests: 8 HTTP requests in this frame

Frame: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
Frame ID: CC875AE09A72C63C75778B961ACA92F4
Requests: 9 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.2/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com
Frame ID: B9E61ABAD5A47C5484ED7FC501512B6C
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ&co=aHR0cHM6Ly93d3cuam90Zm9ybS5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=w7l9wihx5zl8
Frame ID: A6F6452A26F27C113BC75F62E96A37E6
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ
Frame ID: 5F49C6C3E127EC82B105B57CC63ECDA4
Requests: 3 HTTP requests in this frame

Frame: https://web.squarecdn.com/1.51.2/single-card-element-iframe.html
Frame ID: 11F889FE08C0F01998BA97271FB1A6EA
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.jotform.com&mid=
Frame ID: 4C1E9EFB8ECC235A2466DEF9E977FEE8
Requests: 11 HTTP requests in this frame

Frame: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fwww.jotform.com%2F232115333119142
Frame ID: 108C54ABE9C3C0271CA44E9F73EFF385
Requests: 3 HTTP requests in this frame

Frame: https://kit.cash.app/1.71.6/pay/enclave.html
Frame ID: 05B00842A987580F7554593F6BD15048
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rental and Credit Application

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Square (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.squareup\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

128
Requests

98 %
HTTPS

68 %
IPv6

14
Domains

28
Subdomains

26
IPs

5
Countries

4422 kB
Transfer

10082 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.jotform.com/uploads/josejustsold/form_files/551-284-0332.64c7fecbcf0fb1.68827733.png HTTP 302
https://files.jotform.com/jufs/josejustsold/form_files/551-284-0332.64c7fecbcf0fb1.68827733.png?md5=5vU4Mfh3Qajc_bK9DnmjmQ&expires=1692989577

Request Chain 37

https://www.jotform.com/uploads/josejustsold/form_files/LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png HTTP 302
https://files.jotform.com/jufs/josejustsold/form_files/LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png?md5=b13aZuXDHxDf_WROVyc_YQ&expires=1692989577

128 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 232115333119142 Show response
www.jotform.com/ 1 MB
47 KB 706ms
672ms Document
text/html 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jotform.com/232115333119142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7663ca613711f3d9a2aa2d7a31ff5249c1053b4d034b0385ee5c764c08c943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fc608b6ce9d1c7c-AMS
content-encoding: br
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 18:52:47 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
global-router: true
last-modified: Fri, 25 Aug 2023 18:52:46 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

GET
H2 200 default.css
cdn.jotfor.ms/stylebuilder/ 299 KB
57 KB 66ms
38ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a24900c86ec80b7061d8e05bc5a0e82f4bfefebfc95d84132913f45cba3911c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 64
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:51:43 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7fc608bb8f3a6955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 style.css
cdn.jotfor.ms/stylebuilder/232115333119142/ 53 KB
18 KB 211ms
183ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/232115333119142/style.css?themeID=59647bf8cf3bfe639c0b7cb1&v=70fdd81b5a52465d532a8fa49a476550
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fdc3921c46c55eb96f756548c094d30d83cf479bedafedf301653c39bef252

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7fc608bb8f406955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 lang-dd.css
cdn.jotfor.ms/wizards/languageWizard/custom-dropdown/css/ 16 KB
3 KB 70ms
42ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/wizards/languageWizard/custom-dropdown/css/lang-dd.css
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45cf9b3de6561edd7d94188310de6d7e0887a4c50e28ea53b2d92c2877940c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-static: 2
date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:22:18 GMT
server: cloudflare
age: 13939705
etag: W/"637f61fa-4069"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7fc608bb8f496955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.12.1/ 55 KB
17 KB 39ms
10ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.12.1/bundle.min.js

Requested by

Host: www.jotform.com
URL: https://www.jotform.com/232115333119142

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jotform.com/
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 04 Feb 2020 11:19:05 GMT
server: Fastly
age: 3315490
etag: "1c5228c89d281d08aa0ce908f582609a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17201
expires: Wed, 17 Jul 2024 09:54:37 GMT

GET
H2 200 jquery-1.8.0.min.js Show response
cdn02.jotfor.ms/js/vendor/ 90 KB
32 KB 46ms
19ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/js/vendor/jquery-1.8.0.min.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f52a67efde6061b08523ce2243e232ce337d094b30bb5bfe6c3aeff3df81b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 7301
etag: W/"644a9d8a-16633"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8be29b31-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jSignature.min.noconflict.js Show response
cdn03.jotfor.ms/js/vendor/ 24 KB
8 KB 51ms
24ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/vendor/jSignature.min.noconflict.js?3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0bc93cf21593b8d929bdf120feb2a53095e9e31a99396020c87a39dbe9043ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 5771
etag: W/"644a9d8a-5ed6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8ff00858-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jotform.signaturepad.js Show response
cdn01.jotfor.ms/js/vendor/ 7 KB
2 KB 48ms
21ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/js/vendor/jotform.signaturepad.js?3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86137bbfb4e598fb9fbb16ef4a5432e48909a23fd1341f0a9f0f896902a14676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 12:21:42 GMT
server: cloudflare
age: 3895
etag: W/"646e0156-1d16"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8eb2918c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 prototype.forms.js Show response
cdn02.jotfor.ms/static/ 126 KB
33 KB 44ms
17ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/static/prototype.forms.js?3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 23 Aug 2023 16:39:37 GMT
server: cloudflare
age: 7240
etag: W/"64e63649-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7fc608bb8be49b31-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn03.jotfor.ms/static/ 573 KB
151 KB 67ms
40ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/static/jotform.forms.js?3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff926faccf771b8ae9aaf90e2912ec33c1f3c6afd96f9c4ddf06fca63e1f0a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 25 Aug 2023 09:17:24 GMT
server: cloudflare
age: 7240
etag: W/"64e871a4-8f307"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7fc608bb8ff10858-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maskedinput.min.js Show response
cdn01.jotfor.ms/js/vendor/ 92 KB
27 KB 37ms
37ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/js/vendor/maskedinput.min.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e12e95176d4efb550a002ba411794aae00c31d552761c984e8d3ec33d597dbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 6795
etag: W/"644a9d8a-16e80"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bce9a7918c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jquery.maskedinput.min.js Show response
cdn02.jotfor.ms/js/vendor/ 4 KB
2 KB 20ms
17ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/js/vendor/jquery.maskedinput.min.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e4a06f8518d0b05c817c35ab157d8f171674c4c96144db765d15fd2870900a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 6795
etag: W/"644a9d8a-1124"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bd0db69b31-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 punycode.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ 14 KB
5 KB 40ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js

Requested by

Host: www.jotform.com
URL: https://www.jotform.com/232115333119142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10497247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4177
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cs0Z%2FpQSMgOR%2FRfzhIRGB9%2FRQttCN%2BuFSUC4X%2Fm%2FC%2BAtqoRdJt08EHOa0oiaEDmt6PcElvMKdPxy8FIH6ExQ5XDu0koArC3UPW5FD7Wuyf%2B8hALUBLti%2FCpOmN9T%2FE3p1MVkvVNNS2Zcr0Eafm42FBf9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fc608bd2f4c3623-FRA
expires: Wed, 14 Aug 2024 18:52:47 GMT

GET
H2 200 imageinfo.js Show response
cdn03.jotfor.ms/js/vendor/ 16 KB
5 KB 47ms
21ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/vendor/imageinfo.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eeeba23ee08ef3c7ea9fd649b04510617a18c12ae1e1174cff662943708feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 27 Apr 2023 16:06:34 GMT
server: cloudflare
age: 5771
etag: W/"644a9d8a-417f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8ff40858-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 fileuploader.js Show response
cdn01.jotfor.ms/file-uploader/ 60 KB
16 KB 46ms
19ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/file-uploader/fileuploader.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6f5ed9b605f10e4b08abcc3f9b7f32fcaede28b2eb39455ad5b81f32c81714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 12:14:42 GMT
server: cloudflare
age: 4647
etag: W/"64e4a6b2-f182"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8eb5918c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 paymentUtils.js Show response
cdn02.jotfor.ms/js/payments/ 27 KB
8 KB 171ms
145ms Script
application/x-javascript 2606:4700:10::6816:4951
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/js/payments/paymentUtils.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a62cf033caeb973492ea18c06fc13b91cc79353cf52af42ef4fb2d5331049e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
last-modified: Wed, 07 Jun 2023 07:08:40 GMT
server: cloudflare
etag: W/"64802cf8-6abc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8be69b31-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 square.js Show response
cdn03.jotfor.ms/js/ 55 KB
11 KB 170ms
143ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/square.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2436decf515a60d3b29801c6a74ce90328373b9480ff96e6753909d6f301f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 10:50:08 GMT
server: cloudflare
etag: W/"64ddfb60-ddf8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8ff50858-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 validategateways.js Show response
cdn01.jotfor.ms/js/payments/ 710 B
406 B 50ms
24ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/js/payments/validategateways.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba48469286a91d672f75c23affd49b26cbc09a696eece7af576abb279214585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 11:18:42 GMT
server: cloudflare
age: 7208
etag: W/"64bfaf92-2c6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bb8eb7918c-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 for-widgets-server.js Show response
cdn01.jotfor.ms/s/umd/9eda199086c/ 29 KB
10 KB 48ms
22ms Script
text/javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/s/umd/9eda199086c/for-widgets-server.js?v=3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a8e9477e8396e41f5fcf55ca686bd4428dd88c62d8451fcb44ffefdbeafe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 25 Aug 2023 16:24:17 GMT
x-store: gcs
server: cloudflare
age: 212
etag: W/"f6c6ff330b447152837a1e0d3de2e9c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 7fc608bb8eb8918c-FRA
expires: Fri, 25 Aug 2023 18:50:42 GMT

GET
H2 200 CC_icon.png
cdn.jotfor.ms/assets/img/payments/ 4 KB
5 KB 26ms
23ms Image
image/png 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/CC_icon.png
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f4ceddebe04630fe781aadd9956883463438f1df6a6e93bbef067c1fa00699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
cf-cache-status: HIT
age: 778472
content-length: 4545
last-modified: Tue, 25 Jul 2023 08:18:36 GMT
server: cloudflare
etag: "64bf855c-11c1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7fc608bd1a0f6955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 square_cashApp.png
cdn.jotfor.ms/assets/img/payments/ 1 KB
1 KB 29ms
26ms Image
image/png 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/square_cashApp.png
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa26b4e27d0c52ce264a88a323d939b6193ffe96b66b8d592f41d729c6fe758

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
cf-cache-status: HIT
age: 6721643
content-length: 1213
last-modified: Thu, 11 May 2023 06:30:34 GMT
server: cloudflare
etag: "645c8b8a-4bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7fc608bd1a106955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 googlePay.png
cdn.jotfor.ms/assets/img/payments/ 1 KB
1 KB 26ms
23ms Image
image/png 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/googlePay.png
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd62e1811abf5572388bb4f4ef47d76dcfad942156d4eb5acdfe7d64a17e7924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
cf-cache-status: HIT
age: 93150
content-length: 1238
last-modified: Tue, 25 Jul 2023 08:18:36 GMT
server: cloudflare
etag: "64bf855c-4d6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7fc608bd1a126955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apple_icon_black.png
cdn.jotfor.ms/assets/img/payments/ 546 B
882 B 24ms
22ms Image
image/png 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/payments/apple_icon_black.png
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c60462a13076bea84c6a3cbf1dd87bbc0f39c877b0f31ead3c9fd45dfb15f336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
cf-cache-status: HIT
age: 5456022
content-length: 546
last-modified: Sun, 11 Jun 2023 06:30:42 GMT
server: cloudflare
etag: "64856a12-222"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 7fc608bd1a136955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.jotform.com
URL: https://www.jotform.com/232115333119142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 835
x-xss-protection: 1; mode=block
expires: Fri, 25 Aug 2023 18:52:47 GMT

GET
H2 200 for-cardform-js.js Show response
cdn01.jotfor.ms/s/umd/9eda199086c/ 449 KB
118 KB 21ms
20ms Script
text/javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/s/umd/9eda199086c/for-cardform-js.js?4.5
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aad19a864d8a9be3b4d9f46cc8dc786e0983ff124e09a89904207147580d9d23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 25 Aug 2023 16:24:17 GMT
x-store: gcs
server: cloudflare
age: 212
etag: W/"9debce0071443df3d81187ef61eaad7d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 7fc608bca907918c-FRA
expires: Fri, 25 Aug 2023 19:31:31 GMT

GET
H2 200 ownerView.php Show response
www.jotform.com/ 0
69 B 185ms
183ms Script
text/html 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/ownerView.php?id=232115333119142
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/232115333119142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7fc608bd197c1c7c-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 formTranslation.v2.js Show response
cdn.jotfor.ms/js/ 61 KB
15 KB 20ms
20ms Script
application/x-javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/js/formTranslation.v2.js?3.3.44786
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5281b1f3a209f0656707bccb3c2f7ea37ca69816b3ac272c1bf9e3fe06e7ba7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 25 Aug 2023 13:28:57 GMT
server: cloudflare
age: 7240
etag: W/"64e8ac99-f2c8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7fc608bce9d66955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
cdn.jotfor.ms/fonts/ 3 KB
427 B 20ms
20ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 281
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:48:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7fc608bbf84b6955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Requested by

Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/232115333119142/style.css?themeID=59647bf8cf3bfe639c0b7cb1&v=70fdd81b5a52465d532a8fa49a476550

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c8aa75f73c7b43afbf61eb85ad74f5cb17f0cdee97c77fa6800ca40949cd81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 18:50:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Aug 2023 18:52:47 GMT

GET
H2

200

551-284-0332.64c7fecbcf0fb1.68827733.png
files.jotform.com/jufs/josejustsold/form_files/
Redirect Chain

https://www.jotform.com/uploads/josejustsold/form_files/551-284-0332.64c7fecbcf0fb1.68827733.png
https://files.jotform.com/jufs/josejustsold/form_files/551-284-0332.64c7fecbcf0fb1.68827733.png?md5=5vU4Mfh3Qajc_bK9DnmjmQ&expires=1692989577

1 MB
1 MB

174ms
122ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/josejustsold/form_files/551-284-0332.64c7fecbcf0fb1.68827733.png?md5=5vU4Mfh3Qajc_bK9DnmjmQ&expires=1692989577
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/232115333119142/style.css?themeID=59647bf8cf3bfe639c0b7cb1&v=70fdd81b5a52465d532a8fa49a476550
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: edffda66b1342435af833f05a908fa8a1a18f5c9fcf8db344cf656c04487a63f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Fri, 25 Aug 2023 18:52:47 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:47 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/josejustsold/form_files/551-284-0332.64c7fecbcf0fb1.68827733.png?md5=5vU4Mfh3Qajc_bK9DnmjmQ&expires=1692989577
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7fc608bd5a600e40-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a4ffe8a834122463a6e62bbddfea8112362ec287bb3f2deb19b84eb57c2c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 161071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 22:08:16 GMT

GET
H2 200 Roboto-Medium.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ 65 KB
66 KB 159ms
138ms Font
text/html 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Medium.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8047d9d95b509cbfed6fb40b429d64aaed51c9e8622b2e6cc089efda58fc868

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Aug 2023 06:35:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7fc608bd8eb13764-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:21:37 GMT
x-content-type-options: nosniff
age: 275470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 14:21:37 GMT

GET
H2 200 Roboto-Thin.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ 63 KB
63 KB 165ms
146ms Font
text/html 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Thin.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 704df2afd6d11b66de551ac7d9a36f5d608f492d0d6eedd0eb0511aa0dc54dbc

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Aug 2023 06:35:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7fc608bd8eb23764-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png
files.jotform.com/jufs/josejustsold/form_files/
Redirect Chain

https://www.jotform.com/uploads/josejustsold/form_files/LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png
https://files.jotform.com/jufs/josejustsold/form_files/LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png?md5=b13aZuXDHxDf_WROVyc_YQ&expires=1692989577

241 KB
242 KB

134ms
120ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/josejustsold/form_files/LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png?md5=b13aZuXDHxDf_WROVyc_YQ&expires=1692989577
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e911c692092b040a584b0d8a51a018ddfcffcfaf72783f25cbf05aaea509ec95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 25 Aug 2023 18:52:47 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Fri, 25 Aug 2023 18:52:47 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:47 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/josejustsold/form_files/LOGO%20INOA%20REALTY%20GROUP%201%20sin%20fondo.64c801052e0b85.04515888.png?md5=b13aZuXDHxDf_WROVyc_YQ&expires=1692989577
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7fc608bd9ae80e40-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cart-shopping-filled.svg
cdn.jotfor.ms/assets/img/cardforms/ 2 KB
954 B 18ms
17ms Image
image/svg+xml 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/cardforms/cart-shopping-filled.svg
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b4d569b98136a29f3419ff5cd161c55a570eb8f25ad6d9f360bf7849d34a4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 3075628
last-modified: Sun, 11 Jun 2023 06:30:42 GMT
server: cloudflare
etag: W/"64856a12-6e8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 7fc608becc3f6955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pagination-left.svg
cdn.jotfor.ms/assets/img/cardforms/ 2 KB
856 B 17ms
17ms Image
image/svg+xml 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/cardforms/pagination-left.svg
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8012e087bb535299f2dfde5bf0cd2bc27303c028331293abeeb56dd9083ac448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 13938916
last-modified: Wed, 02 Feb 2022 06:49:14 GMT
server: cloudflare
etag: W/"61fa296a-619"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 7fc608becc406955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pagination-right.svg
cdn.jotfor.ms/assets/img/cardforms/ 1 KB
863 B 16ms
16ms Image
image/svg+xml 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jotfor.ms/assets/img/cardforms/pagination-right.svg
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a6d3b954c82035c983486fce8a18699918d54679adbefbfe1bd82a48951142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/stylebuilder/default.css?469d59f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:47 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 13938916
last-modified: Wed, 02 Feb 2022 06:49:14 GMT
server: cloudflare
etag: W/"61fa296a-5e3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: public, max-age=315360000
cf-ray: 7fc608becc416955-FRA
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, X-Prototype-Version, X-Requested-With
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 169244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:52:03 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 454 KB
183 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jotform.com/
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 13:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 13:38:05 GMT

GET
H2 200 Roboto-Regular.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ 65 KB
65 KB 144ms
144ms Font
text/html 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Regular.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e178027b9be4361a7f955246e7b9ed30629c3c1c672ab9eea76c85fefc7a03a

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto&display=swap
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Aug 2023 06:35:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7fc608bf38f33764-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 server.php
submit.jotform.com/ Frame 0
0 184ms
126ms Preflight
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getFormTranslations&formID=232115333119142&langCode=en%2Ces
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-prototype-version,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.jotform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With, X-Prototype-Version
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
access-control-request-method: POST, OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
content-type: text/javascript; charset=utf-8
date: Fri, 25 Aug 2023 18:52:48 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Fri, 25 Aug 2023 18:52:48 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

GET
H2 200 server.php Show response
submit.jotform.com/ 4 KB
2 KB 126ms
126ms XHR
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getFormTranslations&formID=232115333119142&langCode=en%2Ces
Requested by: Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/static/prototype.forms.js?3.3.44786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a509d81879e622fa2ccf8380669bf4b71fbd27632ade51b51ea666774ddf816

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version: 1.7
Referer: https://www.jotform.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
access-control-request-method: POST, OPTIONS, GET
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:48 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: no-cache
x-form-cache: MISS-APP
access-control-allow-headers: X-Requested-With, X-Prototype-Version
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 square.js Show response
web.squarecdn.com/v1/ 345 KB
101 KB 188ms
10ms Script
application/javascript 2600:9000:223d:3800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/v1/square.js
Requested by: Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/js/square.js?v=3.3.44786
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa6e0fac32c895107003477af8326a7a9e29517b7ee97c952b482773ef94f453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: plQ.ZMe49WGPFiOzvcrpfa1FSpG9t4zx
content-encoding: gzip
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
date: Fri, 25 Aug 2023 18:37:57 GMT
x-amz-cf-pop: FRA56-P3
age: 892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.51.2
last-modified: Thu, 24 Aug 2023 18:36:59 GMT
server: AmazonS3
etag: W/"29bfd683bea25f9d63ec42782e158a44"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-md5checksum: Kb/Wg76iX51j7EJ4LhWKRA==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: jcTE9hccTwJ2EmBquw1u8h_V6-cXt0exCOygpL_DN-NpjIE-1eCP2g==

GET
H3 200 generateTransactionId Show response
www.jotform.com/API/payment/ 123 B
589 B 155ms
154ms XHR
application/json 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jotform.com/API/payment/generateTransactionId?ms=1692989568264

Requested by

Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/static/jotform.forms.js?3.3.44786

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

307cb6c0a271e0798ab9f3bdba5eaf0bc6ea11b7bf998392f41971c4a3b8d14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.jotform.com/232115333119142
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
cf-ray: 7fc608c1a9f00e40-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 /
events.jotform.com/form/232115333119142/ 0
197 B 133ms
133ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/form/232115333119142/?ref=&res=1600x1200&eventID=1692989568265_232115333119142_vZ3Dk18&loc=https%253A%252F%252Fwww.jotform.com%252F232115333119142
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 18:52:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Fri, 25 Aug 2023 14:52:48 GMT
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7fc608c1b94d1c7c-AMS
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
widgets.jotform.io/fieldMultiplier/ Frame D49B 550 B
736 B 151ms
129ms Document
text/html 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35964cd38d3d4aabf8eed41d04ed1052083ad5fff85f85a76a2b7f55d2ebd1f5

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=315360000 public
cf-cache-status: DYNAMIC
cf-ray: 7fc608c1e82637ca-FRA
content-encoding: br
content-type: text/html
date: Fri, 25 Aug 2023 18:52:48 GMT
etag: W/"64e3593b-226"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Aug 2023 12:31:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OG2L%2F6rZGdTqLLkjJ%2BMyAuPYxW%2BmsvA2rpBPc2Rg%2F0nP8p%2BONjCECEjzx010Wx2mjPdXxQAPOTQRo5Og%2BLSy16mmGSYY58XxT1KJXNw9rYxIxHaHINjQSbYIvBImWh6tX%2BsrRF8lM4WppxRlshXQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-static: 1

GET
H2 200 / Show response
widgets.jotform.io/termsScroll/ Frame CC87 1 KB
790 B 153ms
133ms Document
text/html 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e49fa95444697cc3298dcae4f039e2347f48c0cd747a0256355dcd27c6dc39

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=315360000 public
cf-cache-status: DYNAMIC
cf-ray: 7fc608c1e82837ca-FRA
content-encoding: br
content-type: text/html
date: Fri, 25 Aug 2023 18:52:48 GMT
etag: W/"64e3593c-499"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 21 Aug 2023 12:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCVDzxi7mrX0%2FezzcgHXrm56OzIwwEeqnxiBwOrcYANjl6yYvWhNC0rs5J3IW6DLsnaMyoBOow5ARLMxqHmt%2B%2BYpjUxJPpQe3DqUyj6yanHkc93AKQRnuKInzCuIUGky554gjGs3Lenuid%2BpjTWGAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-static: 1

GET
H3 200 server.php Show response
submit.jotform.com/ 1 KB
545 B 129ms
128ms XHR
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getCardFormTranslations&formID=232115333119142&langCode=en%2Ces
Requested by: Host: cdn02.jotfor.ms
URL: https://cdn02.jotfor.ms/static/prototype.forms.js?3.3.44786
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b521d79833e8fce387f2ce204185fe7e50b7a59842fea76e447da67b85ebae76

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version: 1.7
Referer: https://www.jotform.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
access-control-request-method: POST, OPTIONS, GET
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:48 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: no-cache
x-form-cache: MISS-APP
access-control-allow-headers: X-Requested-With, X-Prototype-Version
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H3 200 server.php
submit.jotform.com/ Frame 0
0 129ms
129ms Preflight
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getCardFormTranslations&formID=232115333119142&langCode=en%2Ces
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-prototype-version,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.jotform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With, X-Prototype-Version
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
access-control-request-method: POST, OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
content-type: text/javascript; charset=utf-8
date: Fri, 25 Aug 2023 18:52:48 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Fri, 25 Aug 2023 18:52:48 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

GET
H2 200 styles.min.css
widgets.jotform.io/fieldMultiplier/min/ Frame D49B 18 KB
4 KB 131ms
131ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/fieldMultiplier/min/styles.min.css
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d479c53eafb6fb1b73fdfdb79ca657878413146aa8fe74cfbf9e4682fa809c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 25 Aug 2023 18:52:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 21 Aug 2023 12:31:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e3593b-46c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7K9gw%2BjEaG6Ll6KjSUJFPBYziCI7aHBfiEfQqiBvw%2FpWNczjl%2FiXnbWGyMiqRfQKWt7RhWo9EbDIxT4AG7iFsCzO2eJqLOHnc5JL8woSX0xGXA4YHAf9ANrGjFd%2BqK5wpPb9TUHDAQ5qsxSZWgzorg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 7fc608c2f9d037ca-FRA
x-static: 1

GET
H2 200 for-custom-widgets.js Show response
cdn.jotfor.ms/s/umd/latest/ Frame D49B 111 KB
42 KB 22ms
21ms Script
text/javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/s/umd/latest/for-custom-widgets.js
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 781d3c5fbfa443b25d92825446e48cc9809430b3a48d6c1f2952655161412993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 11:57:10 GMT
x-store: gcs
server: cloudflare
age: 129
etag: W/"903384259ba3c1cb8dcde03c4c02ee9d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 7fc608c2fb066955-FRA
expires: Fri, 25 Aug 2023 19:25:43 GMT

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/fieldMultiplier/min/ Frame D49B 2 KB
1 KB 132ms
132ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/fieldMultiplier/min/scripts.min.js
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede311b9765e670bd97a2f5146079f4dc1ed6849d92f2b4aa0eee7ad67329d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/fieldMultiplier/?qid=91&ref=https%3A%2F%2Fwww.jotform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 25 Aug 2023 18:52:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 21 Aug 2023 12:31:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e3593b-8d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrBO%2BXR3xCiIMAkPESkbZeYd8oLEBRMNvUaGHC%2Fvb1fmT1Mfu4MeCMEmgghePtaOmvBPf8nPpNfBN6Khkr2ES2cVJbl7kBbbS0TEzNUPXaDBSqQfutO3Fko7Qai%2BbQ%2F3SsbQz3iZTnNKUSN%2B%2BgEtaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7fc608c2f9d237ca-FRA
x-static: 1

GET
H2 200 styles.min.css
widgets.jotform.io/termsScroll/min/ Frame CC87 2 KB
958 B 138ms
138ms Stylesheet
text/css 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/termsScroll/min/styles.min.css?v=1b9028aa2f41121c5a09b14029411ad9
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e50ed1efb58ebd7c4daa6f8a4eda9a709f4a9e0751b3a74ce643ead849ee1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 25 Aug 2023 18:52:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 21 Aug 2023 12:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e3593c-76e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShBaUgeqfC1KLingiEFFOpfYjtKdTDF3dUVd%2B7UQykQ8pY5HSgPDLQCthI0pwPZ2aAp%2Fgkm9rRB50v7suhyl8VDhC8jOz6Fetm9vSBoAxS0WopLC6gfy6LAXtH1LpyL2whlF02IETsh9pztcdp89RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000, public
cf-ray: 7fc608c2f9d437ca-FRA
x-static: 1

GET
H2 200 for-custom-widgets.js Show response
cdn.jotfor.ms/s/umd/latest/ Frame CC87 111 KB
41 KB 30ms
30ms Script
text/javascript 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/s/umd/latest/for-custom-widgets.js
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 781d3c5fbfa443b25d92825446e48cc9809430b3a48d6c1f2952655161412993

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 11:57:10 GMT
x-store: gcs
server: cloudflare
age: 129
etag: W/"903384259ba3c1cb8dcde03c4c02ee9d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 7fc608c2fb0c6955-FRA
expires: Fri, 25 Aug 2023 19:25:43 GMT

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ Frame CC87 88 KB
30 KB 32ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1692989568.dop263.fr8.t,1692989568.cds098.fr8.hn,1692989568.cds258.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 scripts.min.js Show response
widgets.jotform.io/termsScroll/min/ Frame CC87 7 KB
3 KB 136ms
136ms Script
application/x-javascript 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/termsScroll/min/scripts.min.js?v=1b9028aa2f41121c5a09b14029411ad9
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1dbf651b14a4ff9f37d567cdaec42ef8d074645aee249dd32e80c857aacfcc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/termsScroll/?qid=67&ref=https%3A%2F%2Fwww.jotform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 25 Aug 2023 18:52:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 21 Aug 2023 12:31:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e3593c-1bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saA%2FA62YntCwmM7rXLTPg2uv9%2FiBSXXltQ5PqdRJ2UOQpMt5F6JNx4DoNknmK9%2FWqGYhePb1E21C3IAqR3fPyq1JM%2F5YKRslWNhi3bLrc9MjvUeu0aoDvwpZ2ZmZX0Q0buz7wtWCuiSKe%2B2fs7nt0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000, public
cf-ray: 7fc608c2f9d537ca-FRA
x-static: 1

GET
H3 200 getPublicParams Show response
www.jotform.com/API/payment/square/ 209 B
630 B 155ms
155ms XHR
application/json 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jotform.com/API/payment/square/getPublicParams?formID=232115333119142&params=location,allowTest,showCard,showCashApp,showGooglePay,showApplePay

Requested by

Host: cdn03.jotfor.ms
URL: https://cdn03.jotfor.ms/static/jotform.forms.js?3.3.44786

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91839a0320554a8393647e4ffe6c25a48ffd6d86fc6a4db31f68d4f8f16c60c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.jotform.com/232115333119142
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
cf-ray: 7fc608c31c320e40-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 main-iframe.html Show response
web.squarecdn.com/1.51.2/ Frame B9E6 329 KB
92 KB 11ms
10ms Document
text/html 2600:9000:223d:3800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.51.2/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e431519f728495792d81c71dc648e73d374b2119d2a1426e13d9efd7b00074ef

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 76520
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Thu, 24 Aug 2023 21:37:29 GMT
etag: W/"56f61bd49cde932b150435feed7967fb"
last-modified: Tue, 22 Aug 2023 19:48:22 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-id: YsxGBIde0bXSBATuEOc8XoQKzypJvRULxkFjt8WkIFw9MEFzMpVjBA==
x-amz-cf-pop: FRA56-P3
x-amz-meta-md5checksum: VvYb1JzekysVBDX+7Xln+w==
x-amz-meta-websdk-version: 1.51.2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: NmZVwxhDVOvlkBT.o7rWbzVZU8_xX884
x-cache: Hit from cloudfront

GET
H2 200 fontawesome-webfont.woff
widgets.jotform.io/fieldMultiplier/fonts/ Frame D49B 43 KB
44 KB 136ms
136ms Font
text/html 2606:4700:20::681a:5e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jotform.io/fieldMultiplier/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: widgets.jotform.io
URL: https://widgets.jotform.io/fieldMultiplier/min/styles.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102

Request headers

Referer: https://widgets.jotform.io/fieldMultiplier/min/styles.min.css
Origin: https://widgets.jotform.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 21 Aug 2023 12:31:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64e3593b-ad90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQYKII2MxgJkFtWPuCY9LXhRh10i1dakBqXO10%2F2PUESaTluAHDBGSBJgEHnq%2BKDqSDGLIqNyuwM1ngT531fDOF9JUfeWzHQvxhg58cYJRfDp3cB%2BKT71V6c8kg%2FVup%2FlY6AWYahi%2FVk6tFQ0a2upw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: no-cache
cf-ray: 7fc608c5be5137ca-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
cdn.jotfor.ms/fonts/ Frame CC87 3 KB
467 B 23ms
22ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/?family=Roboto
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/s/umd/latest/for-custom-widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:48 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 10:44:32 GMT
server: cloudflare
age: 13939696
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7fc608c609ff6955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 232115333119142.widgets.52f8550f0019ace53000000b.css
cdn.jotfor.ms/stylebuilder/ Frame CC87 2 KB
990 B 353ms
353ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/232115333119142.widgets.52f8550f0019ace53000000b.css?v=1692989568964
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/s/umd/latest/for-custom-widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e49a594aa7e394d9593a8db1d5bea32498d5666ba5898517d3661b1c19bebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7fc608c60a086955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 hydrate Show response
pci-connect.squareup.com/payments/ Frame B9E6 1013 B
1 KB 553ms
533ms Fetch
application/json 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com&locationId=DHJ6TXHWHFV2H&version=1.51.2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.2/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5468efdcd8d1804a9f875b4873bc3770e850ad9f062a71eee935102ec5a1d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
square-version: 2018-07-12
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-speleo-traceid: CDN-6e85defc-2d6b-465c-b7cc-1beb036a00c4
x-sq-region: iad2b
content-length: 595
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608c78b4b3a6a-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 hydrate
pci-connect.squareup.com/payments/ Frame 0
0 211ms
160ms Preflight 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/hydrate?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com&locationId=DHJ6TXHWHFV2H&version=1.51.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 7fc608c66d102bdf-FRA
content-length: 0
date: Fri, 25 Aug 2023 18:52:49 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Regular.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ Frame CC87 65 KB
65 KB 143ms
143ms Font
text/html 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Regular.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e178027b9be4361a7f955246e7b9ed30629c3c1c672ab9eea76c85fefc7a03a

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto
Origin: https://widgets.jotform.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Aug 2023 06:35:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7fc608c62b6b3764-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A6F6 55 KB
31 KB 37ms
36ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ&co=aHR0cHM6Ly93d3cuam90Zm9ybS5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=w7l9wihx5zl8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e6b8e9712a461867835a0e97a820a387d53c26d2738a6abb4eda7a26869efaf4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jhrr1YRTMFsVYzE2PNj7fQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31595
content-security-policy: script-src 'report-sample' 'nonce-jhrr1YRTMFsVYzE2PNj7fQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 18:52:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
cdn.jotfor.ms/fonts/ Frame D49B 3 KB
428 B 16ms
16ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/?family=Roboto
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/s/umd/latest/for-custom-widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 17 Mar 2023 10:44:32 GMT
server: cloudflare
age: 13939697
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 7fc608c6bb086955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 232115333119142.widgets.529058b0ca06414051000011.css
cdn.jotfor.ms/stylebuilder/ Frame D49B 1 KB
613 B 341ms
341ms Stylesheet
text/css 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/232115333119142.widgets.529058b0ca06414051000011.css?v=1692989569072
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/s/umd/latest/for-custom-widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b438cd08fcce2046f9947441db057665f924fec5e562864a41f34f5b16152d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.jotform.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7fc608c6bb0b6955-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Roboto-Regular.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ Frame D49B 65 KB
65 KB 139ms
139ms Font
text/html 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Regular.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e178027b9be4361a7f955246e7b9ed30629c3c1c672ab9eea76c85fefc7a03a

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto
Origin: https://widgets.jotform.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Aug 2023 06:35:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7fc608c6dc2d3764-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame A6F6 55 KB
24 KB 25ms
9ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ&co=aHR0cHM6Ly93d3cuam90Zm9ybS5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=w7l9wihx5zl8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 17:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 17:32:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame A6F6 454 KB
182 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 13:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 13:38:05 GMT

GET
DATA 200
OK truncated
/ Frame A6F6 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6F6 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A6F6 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 01:27:29 GMT
x-content-type-options: nosniff
age: 235520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 01:27:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A6F6 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 575686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:58:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A6F6 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ&co=aHR0cHM6Ly93d3cuam90Zm9ybS5jb206NDQz&hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=w7l9wihx5zl8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 25 Aug 2023 18:52:49 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 5F49 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8176913969f229eaf6b2a0f94ac56ced574a944c0d17bf8ca4e109f86374f430

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KS5eggBCtqikvvc6kD8FOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1160
content-security-policy: script-src 'report-sample' 'nonce-KS5eggBCtqikvvc6kD8FOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 18:52:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Roboto-Bold.woff2
cdn.jotfor.ms/fonts/Roboto/fonts/ Frame CC87 65 KB
65 KB 142ms
142ms Font
text/html 2606:4700:10::6816:4851
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/fonts/Roboto/fonts/Roboto-Bold.woff2
Requested by: Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/fonts/?family=Roboto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4851 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8a3b8f3d3e9d5ac3011157ffd538fa50c021bbe4400e8b06f562706e333308

Request headers

Referer: https://cdn.jotfor.ms/fonts/?family=Roboto
Origin: https://widgets.jotform.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 01 Aug 2023 06:35:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 7fc608c85eee3764-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 5F49 55 KB
24 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 17:32:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 17:32:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 5F49 454 KB
182 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LdU3CgUAAAAAB0nnFM3M3T0sy707slYYU51RroJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 13:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Aug 2024 13:38:05 GMT

GET
H2 200 data.js Show response
js.squareup.com/payments/ 80 KB
25 KB 464ms
419ms Script
application/javascript 172.66.0.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.squareup.com/payments/data.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175ceeecb7be6c0cfbee5871d395ab2664670731fb0880fa0da44dae0733da9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jotform.com/
Origin: https://www.jotform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608cb6fc990fb-FRA
access-control-allow-headers: Origin, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 pay.js Show response
kit.cash.app/v1/ 306 KB
96 KB 82ms
16ms Script
application/javascript 2600:9000:26da:d400:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/v1/pay.js
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:d400:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb8116340f8cfd6363e3a9d4dcb98af1490f29be21b160fe8baaf2c4b3341d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: xPCJesMwt3bxNlT8TDJy4i4fZq9Wl4bY
content-encoding: gzip
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
date: Fri, 25 Aug 2023 18:25:41 GMT
x-amz-cf-pop: MUC50-P4
age: 9244
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.71.6
x-cache: Hit from cloudfront
last-modified: Thu, 17 Aug 2023 15:23:32 GMT
server: AmazonS3
etag: W/"3cee5d31f5925dd96e15ec7a8e7e5aae"
access-control-max-age: 300
x-amz-meta-md5checksum: PO5dMfWSXdluFex6jn5arg==
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: U7vqmsnsxy0jNgZvWmjS4WvjIyzHchhlZfFUSmGhdt1i9hfb1xpYAw==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 116 KB
36 KB 128ms
74ms Script
application/javascript 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57cf76380c788e84a3ac2555875f9437ad95163bf4fb1c1097579cf327cd3f5c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-jOugvzP-ieKzf_Z6v9V-sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-jOugvzP-ieKzf_Z6v9V-sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 25 Aug 2023 18:52:49 GMT

GET
H2 200 single-card-element-iframe.html Show response
web.squarecdn.com/1.51.2/ Frame 11F8 8 KB
2 KB 10ms
10ms Document
text/html 2600:9000:223d:3800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.51.2/single-card-element-iframe.html
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 76515
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Thu, 24 Aug 2023 21:38:33 GMT
etag: W/"03e704396b83c27986cdb35eb350b127"
last-modified: Tue, 22 Aug 2023 19:48:22 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
x-amz-cf-id: pl_K1PEoAle-aZA_zhkNG5Edt838ujVz7fG4QfgnpD4FgDfynrmE0g==
x-amz-cf-pop: FRA56-P3
x-amz-meta-md5checksum: A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version: 1.51.2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 0fxzsxDlt6lGOJUosQh3f6chuis5cZE7
x-cache: Hit from cloudfront

POST
H3 200 232115333119142 Show response
www.jotform.com/API/payment/square/apmlog/ 80 B
561 B 154ms
153ms XHR
application/json 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jotform.com/API/payment/square/apmlog/232115333119142?details=PaymentMethodUnsupportedError:%20Method%20unsupported:%20Apple%20Pay%20is%20only%20available%20on%20Safari.&apm=showApplePay

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f899bf1c447844c0d8536c74278379f4d28a6470a74263cd7703ebd851542cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.jotform.com/232115333119142
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Aug 2023 18:52:49 GMT
strict-transport-security: max-age=31536000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Fri, 25 Aug 2023 18:52:49 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
cf-ray: 7fc608cb3a6f0e40-AMS
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 token Show response
pci-connect.squareup.com/digital-wallets/google-pay/ Frame B9E6 255 B
380 B 429ms
428ms Fetch
application/json 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.2/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04ebd7980fc27bc3f5ff12c70d3570f3e1be934cea3b56a145ea4c1d1dd3260

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
square-version: 2018-07-12
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-speleo-traceid: CDN-96dbf2fc-6edf-4365-b889-f38245885ddd
x-sq-region: iad2b
content-length: 241
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608cc2b6f3a6a-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 token
pci-connect.squareup.com/digital-wallets/google-pay/ Frame 0
0 147ms
147ms Preflight 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/digital-wallets/google-pay/token

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 7fc608cb3fbf2bdf-FRA
content-length: 0
date: Fri, 25 Aug 2023 18:52:49 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 card-wrapper.css
web.squarecdn.com/1.51.2/ 5 KB
2 KB 9ms
9ms Stylesheet
text/css 2600:9000:223d:3800:13:4005:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.squarecdn.com/1.51.2/card-wrapper.css
Requested by: Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3800:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: UqlvnylFis3n9wIEz.Rv6ie05qAzIG1U
content-encoding: gzip
via: 1.1 d9523e44e96d2539081596bb1d268d44.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 21:38:33 GMT
x-amz-cf-pop: FRA56-P3
age: 76513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.51.2
last-modified: Tue, 22 Aug 2023 19:48:22 GMT
server: AmazonS3
etag: W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-amz-meta-md5checksum: /I3t4KVd6uEyLV2AsOhIqQ==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: Fb_tGM3sABy_COs_pw-yFpT2ZMt2kKgMlvXvLjTRai5UAoH4YHtciA==

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ 0
80 B 521ms
520ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608cbbae93a6a-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 220ms
178ms Preflight 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.jotform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.jotform.com
access-control-max-age: 1800
cache-control: no-store
date: Fri, 25 Aug 2023 18:52:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-64e8f882-56e199ab041779b65537387f
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230093-FRA
x-timer: S1692989570.051396,VS0,VE171

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
662 B 192ms
145ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&catalog_name=cap_pk_page_view&cap_pk_page_view_instance_id=604b2caa-f77d-42e5-af6a-dd2a5b4b8a6e&cap_pk_page_view_client_id=CA-CI_SQ_SELLER&cap_pk_page_view_browser_name=Chrome&cap_pk_page_view_browser_version=116.0.5845.110&cap_pk_page_view_browser_width=1600&cap_pk_page_view_browser_height=1200&cap_pk_page_view_browser_major_version=116&cap_pk_page_view_os_version=10&cap_pk_page_view_os_name=Windows&cap_pk_page_view_base_url=https%3A%2F%2Fwww.jotform.com&cap_pk_page_view_device_screen_height=1200&cap_pk_page_view_device_screen_width=1600&nocache=16929895699251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cc5e912bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
320 B 539ms
493ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cc5e932bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 29 B
183 B 189ms
189ms Fetch
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1ee1070ef5d55755efc991c5726e85f7207670e1f44a6e3016237db49a4a80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jotform.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-oJAVhHqZhprAbrx8mGi8A3VcmIWnH5az
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS44LjAiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXZWIiLCJvcyI6IkNocm9tZSAxMTYiLCJkZXZpY2VfbW9kZWwiOiJXaW5kb3dzIiwidXNlcl9pZCI6IkNBLUNJX1NRX1NFTExFUiIsInVzZXJfcHJvcGVydGllcyI6e319
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 0
x-cache: MISS
content-length: 49
x-served-by: cache-fra-eddf8230093-FRA
x-timer: S1692989570.229938,VS0,VE181
x-amzn-trace-id: Root=1-64e8f882-17508a4e21f1c9601547c435
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.jotform.com
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 4C1E 18 KB
8 KB 199ms
198ms Document
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.jotform.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c898bd1b821b69d4fff025f681d7895547219681f3071c4b4a097fc3e7934df2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1wlzZD9y6TH8-fsNBC0EQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-1wlzZD9y6TH8-fsNBC0EQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 25 Aug 2023 18:52:50 GMT
expires: Fri, 25 Aug 2023 18:52:50 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ Frame B9E6 0
44 B 421ms
420ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/1.51.2/main-iframe.html?applicationId=sq0idp-6hj_oP1Z6MUXu_rUpVOYHg&hostname=www.jotform.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://web.squarecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608cc5bac3a6a-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/am=AMA4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=... Frame 4C1E 157 KB
55 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/am=AMA4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgHaasKh9EAzKnaN83Au7dJwGCPKw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.jotform.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a6df666fa91ad4d51637e2eaccd1c4d9f1194d828085eee56c9c0b0ec85f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 16:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56762
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 01:28:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 16:31:11 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 4C1E 2 KB
2 KB 118ms
118ms Other
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.1d2... Frame 4C1E 71 KB
26 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.1d2Pc6Bah1o.L.B1.O/am=AMA4/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrggkLTrFKFJBCJz6sp-xruCWIVx1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/am=AMA4/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgHaasKh9EAzKnaN83Au7dJwGCPKw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63960533ab3c6ce989bf2264ca288e39ad850320f2321b9cd96a2ba34631582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 16:34:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26804
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 03:24:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 16:34:44 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 4C1E 1 MB
371 KB 80ms
79ms XHR
text/html 2a00:1450:400c:c04::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab4c385737f0ccccab96649d1cf0dcba8689967d14efc90a8305956fb14d4562

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vLeTd9vQEpgl-2WahToUog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-vLeTd9vQEpgl-2WahToUog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 25 Aug 2023 18:52:50 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.1d2... Frame 4C1E 9 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.1d2Pc6Bah1o.L.B1.O/am=AMA4/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrggkLTrFKFJBCJz6sp-xruCWIVx1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f0bb5c1d0201ee051e9c0e727a495a285221d8892f7b1076dcfd96393da3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 16:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3909
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 03:24:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 16:34:45 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.1d2... Frame 4C1E 36 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xwx0dBJXMiU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.1d2Pc6Bah1o.L.B1.O/am=AMA4/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrggkLTrFKFJBCJz6sp-xruCWIVx1g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2976339a33097ea6e18c2eb91f1c60dfe40c2b457774af2c47adca607a7f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 16:34:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13850
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 03:24:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 16:34:45 GMT

POST
H3 200 log Show response
play.google.com/ Frame 4C1E 131 B
155 B 61ms
44ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 18:52:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 64ms
40ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 25 Aug 2023 18:52:50 GMT
expires: Fri, 25 Aug 2023 18:52:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4C1E 131 B
155 B 64ms
47ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 18:52:50 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
40ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 25 Aug 2023 18:52:50 GMT
expires: Fri, 25 Aug 2023 18:52:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 62ms
41ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 25 Aug 2023 18:52:50 GMT
expires: Fri, 25 Aug 2023 18:52:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4C1E 131 B
155 B 58ms
43ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 18:52:50 GMT

GET
H2 200 frame.html Show response
connect.squareup.com/payments/data/ Frame 108C 33 KB
13 KB 456ms
418ms Document
text/html 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fwww.jotform.com%2F232115333119142

Requested by

Host: js.squareup.com
URL: https://js.squareup.com/payments/data.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272b4db4025bd31e8f8d0073f165954f5d7e40ecc062928d1b54c5ef895d09c6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fc608ce6ac0907c-FRA
content-encoding: gzip
content-security-policy: default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
content-type: text/html
date: Fri, 25 Aug 2023 18:52:50 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-sq-dc: iad2b
x-sq-region: iad2b
x-xss-protection: 1; mode=block

GET
H2 200 enclave.html Show response
kit.cash.app/1.71.6/pay/ Frame 05B0 239 B
836 B 15ms
14ms Document
text/html 2600:9000:26da:d400:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/1.71.6/pay/enclave.html
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/v1/pay.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:d400:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9aceade2bbc4d4e106f6a6596f22c1fc2a30fe0a4952af437eae6d25a8779b4e

Request headers

Referer: https://www.jotform.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 300
age: 65904
cache-control: public, max-age=31536000, immutable
content-length: 239
content-type: text/html; charset=utf-8
date: Fri, 25 Aug 2023 00:34:27 GMT
etag: "4d76433cf2bf173c139b7d3660f26615"
last-modified: Thu, 17 Aug 2023 15:13:08 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
x-amz-cf-id: 4ti3Y2lECxDpgJI2Y23UlcGCZUZZ-MGu3-3XQSNdbQqQt-47MRdHNg==
x-amz-cf-pop: MUC50-P4
x-amz-meta-md5checksum: TXZDPPK/FzwTm302YPJmFQ==
x-amz-meta-version: 1.71.6
x-amz-server-side-encryption: AES256
x-amz-version-id: A.FBoPIDmIALb4hetyRK1Xup0CS1X.Ib
x-cache: Hit from cloudfront

GET
H2 200 enclave.js Show response
kit.cash.app/1.71.6/pay/ Frame 05B0 120 KB
37 KB 14ms
14ms Script
application/javascript 2600:9000:26da:d400:1d:940e:c980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.cash.app/1.71.6/pay/enclave.js
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.71.6/pay/enclave.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:d400:1d:940e:c980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afb18734b9795cc8bb5086a75f696982ccde650dc82dba0466c9a8acc6040a1f

Request headers

Referer: https://kit.cash.app/1.71.6/pay/enclave.html
Origin: https://kit.cash.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: aZaDWCwg7_m8uSLqIJ0Fma6OS5E76GRu
content-encoding: gzip
via: 1.1 7949f2957c23173b6f2b16db26ab42f6.cloudfront.net (CloudFront)
date: Fri, 25 Aug 2023 18:25:42 GMT
x-amz-cf-pop: MUC50-P4
age: 11198
x-amz-server-side-encryption: AES256
x-amz-meta-version: 1.71.6
x-cache: Hit from cloudfront
last-modified: Thu, 17 Aug 2023 15:13:08 GMT
server: AmazonS3
etag: W/"92b29b829b643c27e6be39dd9b169dcd"
access-control-max-age: 300
x-amz-meta-md5checksum: krKbgptkPCfmvjndmxadzQ==
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding
x-amz-cf-id: q_7-XuhNt3xGTtbbdEyMXpp__P_vel-q4_4rPi9jIoPp6I4COYyx1Q==

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 42ms
42ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 25 Aug 2023 18:52:50 GMT
expires: Fri, 25 Aug 2023 18:52:50 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 4C1E 131 B
155 B 44ms
44ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 18:52:50 GMT

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 158ms
158ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cefdad2bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 164ms
164ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=www.jotform.com&cap_pk_base_instance_id=604b2caa-f77d-42e5-af6a-dd2a5b4b8a6e&cap_pk_customer_request_action=CREATE&cap_pk_customer_request_details_amount_currency=USD&cap_pk_customer_request_details_amount_value=1&cap_pk_customer_request_details_payment_action_scope_id=MMI_78aoy0okk048t234phyoks9c5&cap_pk_customer_request_details_redirect_url=https%3A%2F%2Fwww.jotform.com%2F232115333119142&cap_pk_customer_request_raw=%7B%22event%22%3A%22CUSTOMER_REQUEST%3ACREATE%3ASTART%22%2C%22eventData%22%3A%7B%22customerRequestDetails%22%3A%7B%22actions%22%3A%7B%22payment%22%3A%7B%22amount%22%3A%7B%22currency%22%3A%22USD%22%2C%22value%22%3A1%7D%2C%22scopeId%22%3A%22MMI_78aoy0okk048t234phyoks9c5%22%7D%7D%2C%22redirectURL%22%3A%22https%3A%2F%2Fwww.jotform.com%2F232115333119142%22%7D%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_customer_request_status=START&catalog_name=cap_pk_customer_request&nocache=16929895704004

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf0dbf2bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 459ms
458ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf0dc42bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 156ms
155ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf0dc72bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 406ms
406ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf0dc92bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 494ms
494ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf0dcc2bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 148ms
148ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf0dcf2bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

OPTIONS
H2 200 requests
api.cash.app/customer-request/v1/ Frame 0
0 210ms
165ms Preflight 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://kit.cash.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Language,Content-Type,Last-Event-ID,Origin,X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://kit.cash.app
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
content-length: 0
date: Fri, 25 Aug 2023 18:52:50 GMT
server: istio-envoy
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-upstream-service-time: 63
x-served-by: cache-fra-eddf8230132-FRA
x-timer: S1692989570.453454,VS0,VE157

POST
H2 201 requests Show response
api.cash.app/customer-request/v1/ Frame 05B0 1 KB
750 B 281ms
281ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.71.6/pay/enclave.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ac821dfdba50435984d49241dd541d3abf678d22d29b6828db343a7810dd082a

Request headers

accept: application/json
Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
authorization: Client CA-CI_SQ_SELLER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 182
content-length: 570
x-served-by: cache-fra-eddf8230132-FRA
server: istio-envoy
x-timer: S1692989571.623276,VS0,VE271
vary: Origin, Origin, Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kit.cash.app
access-control-expose-headers: Content-Type
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
118 B 494ms
493ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608cf1e072bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

POST
H2 202 logs
csp-report.browser-intake-datadoghq.com/api/v2/ Frame 108C 0
0 419ms
185ms Other
application/json 2600:1f18:24e6:b902:c043:5d8:f69c:85d
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Aproduction&service=payapi-analytics
Requested by: Host: www.jotform.com
URL: https://www.jotform.com/232115333119142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:c043:5d8:f69c:85d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.squareup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 200 token Show response
connect.squareup.com/v2/analytics/ Frame 108C 108 B
521 B 141ms
140ms XHR
application/json 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareup.com/v2/analytics/token

Requested by

Host: connect.squareup.com
URL: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fwww.jotform.com%2F232115333119142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2504dd73f2a8974b3763002a9b9823d242aa24612162e21ba1f048c0304007f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.squareup.com/payments/data/frame.html?referer=https%3A%2F%2Fwww.jotform.com%2F232115333119142
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 25 Aug 2023 18:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
square-version: 2018-07-12
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-speleo-traceid: CDN-6632ee33-7439-4ec8-9418-08dac1ab8b2c
x-sq-region: iad2b
content-length: 127
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://connect.squareup.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608d17e82907c-FRA
access-control-allow-headers: Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

POST
H2 204 v2
pci-connect.squareup.com/payments/mtx/ 0
67 B 141ms
141ms Ping
text/plain 162.159.140.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareup.com/payments/mtx/v2

Requested by

Host: web.squarecdn.com
URL: https://web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jotform.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:51 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sq-dc: iad2b
x-permitted-cross-domain-policies: none
x-sq-region: iad2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.jotform.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 7fc608d1fbb93a6a-FRA
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
141 B 150ms
150ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=pay_kit&u_library_name=js%2Feventstream&u_library_version=__VERSION__&cap_pk_base_client_id=CA-CI_SQ_SELLER&cap_pk_base_environment=production&cap_pk_base_event_source=PayKit&cap_pk_base_hostname=www.jotform.com&cap_pk_base_instance_id=604b2caa-f77d-42e5-af6a-dd2a5b4b8a6e&cap_pk_base_customer_request_id=GRR_ggnhdfn7wy8k228qhwjc8qnx&cap_pk_customer_request_action=CREATE&cap_pk_customer_request_raw=%7B%22event%22%3A%22CUSTOMER_REQUEST%3ACREATE%3AOK%22%2C%22eventData%22%3A%7B%22createCustomerRequestResponse%22%3A%7B%22actions%22%3A%5B%22ONE_TIME_PAYMENT%22%5D%2C%22authFlowTriggers%22%3A%7B%22mobileURL%22%3A%22https%3A%2F%2Fapi.cash.app%2Fcustomer-request%2Fv1%2Frequests%2FGRR_ggnhdfn7wy8k228qhwjc8qnx%2Finterstitial%3Fvalidity_token%3D2z6szs%22%2C%22qrCodeImageURL%22%3A%22https%3A%2F%2Fapi.cash.app%2Fqr%2Ff%2FGRANTLY_MANAGED_GRANT%253Frequest_id%3DGRR_ggnhdfn7wy8k228qhwjc8qnx-2z6szs%26method%3Dqr%26type%3Dcap%3Frounded%3D0%26format%3Dpng%22%2C%22refreshesAt%22%3A%222023-08-25T18%3A53%3A20.707Z%22%7D%2C%22customerProfile%22%3A%22%5BREDACTED%5D%22%2C%22expiresAt%22%3A%222023-08-25T19%3A52%3A50.707Z%22%2C%22id%22%3A%22GRR_ggnhdfn7wy8k228qhwjc8qnx%22%2C%22requesterProfile%22%3A%7B%22logoURL%22%3A%22https%3A%2F%2Ffranklin-assets.s3.amazonaws.com%2Fmerchants%2Fassets%2Fv3%2Fgeneric%2Fm_category_business.png%22%2C%22name%22%3A%22william%20perez%22%7D%2C%22status%22%3A%22PENDING%22%7D%2C%22customerRequestId%22%3A%22GRR_ggnhdfn7wy8k228qhwjc8qnx%22%7D%2C%22eventSource%22%3A%22PayKit%22%7D&cap_pk_customer_request_status=OK&catalog_name=cap_pk_customer_request&nocache=169298957090511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.jotform.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 18:52:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: DENY
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-sq-dc: aws
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
x-sq-region: us-east-1
cf-ray: 7fc608d22cd92bb8-FRA
content-length: 56
x-xss-protection: 1; mode=block

GET
H2 200 GRR_ggnhdfn7wy8k228qhwjc8qnx Show response
api.cash.app/customer-request/v1/requests/ Frame 05B0 1 KB
656 B 171ms
170ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests/GRR_ggnhdfn7wy8k228qhwjc8qnx
Requested by: Host: kit.cash.app
URL: https://kit.cash.app/1.71.6/pay/enclave.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: ac821dfdba50435984d49241dd541d3abf678d22d29b6828db343a7810dd082a

Request headers

accept: application/json
Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
authorization: Client CA-CI_SQ_SELLER
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Fri, 25 Aug 2023 18:52:51 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 74
content-length: 570
x-served-by: cache-fra-eddf8230132-FRA
server: istio-envoy
x-timer: S1692989571.072089,VS0,VE163
vary: Origin, Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kit.cash.app
access-control-expose-headers: Content-Type
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 GRR_ggnhdfn7wy8k228qhwjc8qnx
api.cash.app/customer-request/v1/requests/ Frame 0
0 163ms
163ms Preflight 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cash.app/customer-request/v1/requests/GRR_ggnhdfn7wy8k228qhwjc8qnx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://kit.cash.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Language,Content-Type,Last-Event-ID,Origin,X-Requested-With
access-control-allow-methods: GET,PATCH
access-control-allow-origin: https://kit.cash.app
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
content-length: 0
date: Fri, 25 Aug 2023 18:52:51 GMT
server: istio-envoy
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-upstream-service-time: 65
x-served-by: cache-fra-eddf8230132-FRA
x-timer: S1692989571.908380,VS0,VE154

POST
H2 204 log-event
pay.cash.app/api/ Frame 05B0 0
362 B 600ms
550ms Ping
text/plain 162.159.140.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.cash.app/api/log-event

Requested by

Host: kit.cash.app
URL: https://kit.cash.app/1.71.6/pay/enclave.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload

Request headers

Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kit.cash.app
date: Fri, 25 Aug 2023 18:52:51 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fc608d59f8a9b31-FRA
vary: Origin, Accept-Encoding

POST
H2 204 record-metric
pay.cash.app/api/ Frame 05B0 0
256 B 753ms
706ms Ping
text/plain 162.159.140.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.cash.app/api/record-metric

Requested by

Host: kit.cash.app
URL: https://kit.cash.app/1.71.6/pay/enclave.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload

Request headers

Referer: https://kit.cash.app/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kit.cash.app
date: Fri, 25 Aug 2023 18:52:52 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7fc608d59f8f9b31-FRA
vary: Origin, Accept-Encoding

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jotform.com/	1969-12-31 23:59:59	Name: JOTFORM_SESSION Value: 77072b10-4857-345a-969c-6a8539a6
.jotform.com/	1970-01-20 15:01:07	Name: guest Value: guest_5985c653ae7a9b5b
.jotform.com/	1970-01-20 15:01:07	Name: userReferer Value: https%3A%2F%2Fwww.jotform.com%2F232115333119142
.squareup.com/	1970-01-20 23:52:29	Name: _savt Value: 262f36e8-c0b4-400f-854b-16b5605673a1
.pci-connect.squareup.com/	1970-01-20 14:16:31	Name: __cf_bm Value: bItNeyN.Y0Ia5YOSWTpLJ7.OPnZBfB06vZF7VHy_080-1692989569-0-AYXrDirN/fIkE8/FgknTisdCi8lKEx76/h6tIpxsL8xn8L4CzPB+jUEY7nZDb+Ici2zSaBM/T1y1js/by1f54ek=
.google.com/	1970-01-20 18:40:00	Name: NID Value: 511=k4lwx7jSYGduW7enhuLsaP2ZPnIrvx6hM1NDLYTcLnoAKuykgi-ycCbGke-Wz5ZSPXdu3H9I2JZ5yo7BlRCDQ3Pf3lKut_w-Qxu72bVEygXWv0bkvyL2FNyaHCCfZ7QQ_z7OE33WqyugXuRnmbrUM3lgMiPDA6RyuvXIkMlCy-w
.api.squareup.com/	1970-01-20 14:16:31	Name: __cf_bm Value: i7WD1286KfUCt2WtyeuIzO9AUhb0qDEljEYRNnPZw8U-1692989570-0-AXuhMvKOD8+s2J3UG6RuZo0BtUpHwQtJKoPL8v32wEkr3ITkYhKsktWfXq6S5j1IzWVu4n1Cup2gso5qkXSe+gY=
.connect.squareup.com/	1970-01-20 14:16:31	Name: __cf_bm Value: 1zaRm9EyyZNhL2dNV2SdR5qj6UX41.TcEFay8RfdMvg-1692989570-0-AdjWMAE/IYUPopj8ylvrJtPUFv5rPAKer51XBfRisNyZvcg1ZaZFuYc4rfxAJVhMAe5qPiPj8fMo4HLQgEimBjo=
.pay.cash.app/	1970-01-20 14:16:31	Name: __cf_bm Value: EDR_KnX2Nxv5BPlTBNa8q_awk3dsN4h8xTtTs98X8ns-1692989572-0-ARBtvNgWXqffKd5fAwVM3uH+0Q5jY9lVImopL/yCOB1sJmLem9nRXog8GkHa2Jg5T1y7lFimf5yO3fDPVd/+tiM=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://cdn03.jotfor.ms/static/jotform.forms.js?3.3.44786(Line 114) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cash.app
api.lab.amplitude.com
api.squareup.com
browser.sentry-cdn.com
cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
code.jquery.com
connect.squareup.com
csp-report.browser-intake-datadoghq.com
events.jotform.com
files.jotform.com
fonts.googleapis.com
fonts.gstatic.com
js.squareup.com
kit.cash.app
pay.cash.app
pay.google.com
pci-connect.squareup.com
play.google.com
submit.jotform.com
web.squarecdn.com
widgets.jotform.io
www.google.com
www.gstatic.com
www.jotform.com
151.101.130.132
151.101.2.133
162.159.137.66
162.159.140.44
162.159.140.47
172.66.0.47
2001:4de0:ac18::1:a:2b
2600:1f18:24e6:b902:c043:5d8:f69c:85d
2600:9000:223d:3800:13:4005:e4c0:93a1
2600:9000:26da:d400:1d:940e:c980:93a1
2606:4700:10::6816:4851
2606:4700:10::6816:4951
2606:4700:10::ac43:76b
2606:4700:11::6817:860b
2606:4700:20::681a:5e1
2606:4700::6811:180e
2a00:1450:4001:806::2003
2a00:1450:4001:809::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c04::5c
2a04:4e42:400::729
35.190.41.132
35.201.118.58
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c8aa75f73c7b43afbf61eb85ad74f5cb17f0cdee97c77fa6800ca40949cd81a
175ceeecb7be6c0cfbee5871d395ab2664670731fb0880fa0da44dae0733da9c
1a6f5ed9b605f10e4b08abcc3f9b7f32fcaede28b2eb39455ad5b81f32c81714
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e2976339a33097ea6e18c2eb91f1c60dfe40c2b457774af2c47adca607a7f03
2504dd73f2a8974b3763002a9b9823d242aa24612162e21ba1f048c0304007f4
272b4db4025bd31e8f8d0073f165954f5d7e40ecc062928d1b54c5ef895d09c6
2a509d81879e622fa2ccf8380669bf4b71fbd27632ade51b51ea666774ddf816
307cb6c0a271e0798ab9f3bdba5eaf0bc6ea11b7bf998392f41971c4a3b8d14d
35964cd38d3d4aabf8eed41d04ed1052083ad5fff85f85a76a2b7f55d2ebd1f5
35fdc3921c46c55eb96f756548c094d30d83cf479bedafedf301653c39bef252
36e49fa95444697cc3298dcae4f039e2347f48c0cd747a0256355dcd27c6dc39
3a8a3b8f3d3e9d5ac3011157ffd538fa50c021bbe4400e8b06f562706e333308
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41f4ceddebe04630fe781aadd9956883463438f1df6a6e93bbef067c1fa00699
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45cf9b3de6561edd7d94188310de6d7e0887a4c50e28ea53b2d92c2877940c39
48e49a594aa7e394d9593a8db1d5bea32498d5666ba5898517d3661b1c19bebd
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51a6d3b954c82035c983486fce8a18699918d54679adbefbfe1bd82a48951142
5281b1f3a209f0656707bccb3c2f7ea37ca69816b3ac272c1bf9e3fe06e7ba7b
5468efdcd8d1804a9f875b4873bc3770e850ad9f062a71eee935102ec5a1d1e2
56a4ffe8a834122463a6e62bbddfea8112362ec287bb3f2deb19b84eb57c2c4b
57cf76380c788e84a3ac2555875f9437ad95163bf4fb1c1097579cf327cd3f5c
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
6f7663ca613711f3d9a2aa2d7a31ff5249c1053b4d034b0385ee5c764c08c943
704df2afd6d11b66de551ac7d9a36f5d608f492d0d6eedd0eb0511aa0dc54dbc
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
781d3c5fbfa443b25d92825446e48cc9809430b3a48d6c1f2952655161412993
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7e178027b9be4361a7f955246e7b9ed30629c3c1c672ab9eea76c85fefc7a03a
7f52a67efde6061b08523ce2243e232ce337d094b30bb5bfe6c3aeff3df81b6d
8012e087bb535299f2dfde5bf0cd2bc27303c028331293abeeb56dd9083ac448
81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e
8176913969f229eaf6b2a0f94ac56ced574a944c0d17bf8ca4e109f86374f430
86137bbfb4e598fb9fbb16ef4a5432e48909a23fd1341f0a9f0f896902a14676
870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c
88f0bb5c1d0201ee051e9c0e727a495a285221d8892f7b1076dcfd96393da3a5
91839a0320554a8393647e4ffe6c25a48ffd6d86fc6a4db31f68d4f8f16c60c4
95b4d569b98136a29f3419ff5cd161c55a570eb8f25ad6d9f360bf7849d34a4c
9aceade2bbc4d4e106f6a6596f22c1fc2a30fe0a4952af437eae6d25a8779b4e
a24900c86ec80b7061d8e05bc5a0e82f4bfefebfc95d84132913f45cba3911c4
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
aad19a864d8a9be3b4d9f46cc8dc786e0983ff124e09a89904207147580d9d23
ab4c385737f0ccccab96649d1cf0dcba8689967d14efc90a8305956fb14d4562
aba48469286a91d672f75c23affd49b26cbc09a696eece7af576abb279214585
ac821dfdba50435984d49241dd541d3abf678d22d29b6828db343a7810dd082a
afb18734b9795cc8bb5086a75f696982ccde650dc82dba0466c9a8acc6040a1f
b2436decf515a60d3b29801c6a74ce90328373b9480ff96e6753909d6f301f7a
b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
b3a6df666fa91ad4d51637e2eaccd1c4d9f1194d828085eee56c9c0b0ec85f18
b438cd08fcce2046f9947441db057665f924fec5e562864a41f34f5b16152d94
b521d79833e8fce387f2ce204185fe7e50b7a59842fea76e447da67b85ebae76
b6a62cf033caeb973492ea18c06fc13b91cc79353cf52af42ef4fb2d5331049e
b8047d9d95b509cbfed6fb40b429d64aaed51c9e8622b2e6cc089efda58fc868
bb8116340f8cfd6363e3a9d4dcb98af1490f29be21b160fe8baaf2c4b3341d79
c04ebd7980fc27bc3f5ff12c70d3570f3e1be934cea3b56a145ea4c1d1dd3260
c375043f418d3bd18eccfa0388d8ceddd30d471d7df5aac81e8232a4fa39ce15
c548ab92911cb0c3db4cbbe04248ddbfd4f50759d33b73ba54f6086cb7716b68
c60462a13076bea84c6a3cbf1dd87bbc0f39c877b0f31ead3c9fd45dfb15f336
c63960533ab3c6ce989bf2264ca288e39ad850320f2321b9cd96a2ba34631582
c898bd1b821b69d4fff025f681d7895547219681f3071c4b4a097fc3e7934df2
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
cd62e1811abf5572388bb4f4ef47d76dcfad942156d4eb5acdfe7d64a17e7924
d1dbf651b14a4ff9f37d567cdaec42ef8d074645aee249dd32e80c857aacfcc7
d479c53eafb6fb1b73fdfdb79ca657878413146aa8fe74cfbf9e4682fa809c77
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
d7eeeba23ee08ef3c7ea9fd649b04510617a18c12ae1e1174cff662943708feb
daa26b4e27d0c52ce264a88a323d939b6193ffe96b66b8d592f41d729c6fe758
e0bc93cf21593b8d929bdf120feb2a53095e9e31a99396020c87a39dbe9043ab
e12e95176d4efb550a002ba411794aae00c31d552761c984e8d3ec33d597dbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e431519f728495792d81c71dc648e73d374b2119d2a1426e13d9efd7b00074ef
e6b8e9712a461867835a0e97a820a387d53c26d2738a6abb4eda7a26869efaf4
e7e50ed1efb58ebd7c4daa6f8a4eda9a709f4a9e0751b3a74ce643ead849ee1d
e911c692092b040a584b0d8a51a018ddfcffcfaf72783f25cbf05aaea509ec95
ede311b9765e670bd97a2f5146079f4dc1ed6849d92f2b4aa0eee7ad67329d8e
edffda66b1342435af833f05a908fa8a1a18f5c9fcf8db344cf656c04487a63f
f1ee1070ef5d55755efc991c5726e85f7207670e1f44a6e3016237db49a4a80f
f3e4a06f8518d0b05c817c35ab157d8f171674c4c96144db765d15fd2870900a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f899bf1c447844c0d8536c74278379f4d28a6470a74263cd7703ebd851542cdb
f9a8e9477e8396e41f5fcf55ca686bd4428dd88c62d8451fcb44ffefdbeafe55
fa6e0fac32c895107003477af8326a7a9e29517b7ee97c952b482773ef94f453
ff926faccf771b8ae9aaf90e2912ec33c1f3c6afd96f9c4ddf06fca63e1f0a49

www.jotform.com Open in urlscan Pro 2606:4700:11::6817:860b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

98 %HTTPS

68 %IPv6

14 Domains

28 Subdomains

26 IPs

5 Countries

4422 kBTransfer

10082 kBSize

9 Cookies

0 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jotform.com Open in urlscan Pro
2606:4700:11::6817:860b Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

98 %
HTTPS

68 %
IPv6

14
Domains

28
Subdomains

26
IPs

5
Countries

4422 kB
Transfer

10082 kB
Size

9
Cookies

128 HTTP transactions
6 data transactions