mymarketaccount.net Open in urlscan Pro
18.66.248.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://365pay.app.link/createaccount?accountid=955cac39a84a455d8751d5bc8450aadc
Effective URL:
https://mymarketaccount.net/
Submission: On May 24 via api (May 24th 2022, 9:48:09 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 22 HTTP transactions. The main IP is 18.66.248.2, located in United States and belongs to AMAZON-02, US. The main domain is mymarketaccount.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 24th 2021. Valid for: a year.

This is the only time mymarketaccount.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:205... 2600:9000:2057:b400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.66.248.2 18.66.248.2	16509 (AMAZON-02) (AMAZON-02)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	100.21.100.13 100.21.100.13	16509 (AMAZON-02) (AMAZON-02)
1	52.73.254.191 52.73.254.191	14618 (AMAZON-AES) (AMAZON-AES)
2	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	34.216.95.44 34.216.95.44	16509 (AMAZON-02) (AMAZON-02)
22	7

1 2600:9000:2057:b400:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

365pay.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.248.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-2.dus51.r.cloudfront.net

mymarketaccount.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 100.21.100.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-100-13.us-west-2.compute.amazonaws.com

tally.prod.readytouchpos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.254.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-254-191.compute-1.amazonaws.com

img.365retailmarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.95.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-95-44.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	readytouchpos.com tally.prod.readytouchpos.com — Cisco Umbrella Rank: 393501	2 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1068 q.stripe.com — Cisco Umbrella Rank: 6349 m.stripe.com — Cisco Umbrella Rank: 943	76 KB
4	mymarketaccount.net mymarketaccount.net	2 MB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3175 onesignal.com — Cisco Umbrella Rank: 1158	73 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1115	17 KB
1	365retailmarkets.com img.365retailmarkets.com — Cisco Umbrella Rank: 619829	51 KB
1	app.link 1 redirects 365pay.app.link	452 B
22	7

	Domain	Requested by
6	tally.prod.readytouchpos.com	mymarketaccount.net
4	mymarketaccount.net	mymarketaccount.net
3	js.stripe.com	mymarketaccount.net js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	mymarketaccount.net
2	cdn.onesignal.com	mymarketaccount.net cdn.onesignal.com
1	m.stripe.com	m.stripe.network
1	img.365retailmarkets.com	mymarketaccount.net
1	onesignal.com	cdn.onesignal.com
1	365pay.app.link	1 redirects
22	10

This site contains no links.

Subject Issuer	Validity	Valid
mymarketaccount.net Go Daddy Secure Certificate Authority - G2	`2021-06-24` - `2022-06-28`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
tally.prod.readytouchpos.com Go Daddy Secure Certificate Authority - G2	`2021-06-24` - `2022-06-05`	a year	crt.sh
*.365retailmarkets.com Go Daddy Secure Certificate Authority - G2	`2021-06-24` - `2022-07-25`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2022-06-09`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://mymarketaccount.net/
Frame ID: 6ABCDF94A18A3AC5CF3701077063A954
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-649431882ac2f1ed1f457f73c22ec4a1.html
Frame ID: BEE5A1F03F44657B09F9A6711BFF26FA
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FF8E3259C755216015BFDD74EA8FB596
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

365Pay

Page URL History Show full URLs

https://365pay.app.link/createaccount?accountid=955cac39a84a455d8751d5bc8450aadc HTTP 307
https://mymarketaccount.net/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

22
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

10
Subdomains

7
IPs

1
Countries

2201 kB
Transfer

7985 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://365pay.app.link/createaccount?accountid=955cac39a84a455d8751d5bc8450aadc HTTP 307
https://mymarketaccount.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mymarketaccount.net/
Redirect Chain

https://365pay.app.link/createaccount?accountid=955cac39a84a455d8751d5bc8450aadc
https://mymarketaccount.net/

5 KB
2 KB

80ms
25ms

Document
text/html

18.66.248.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mymarketaccount.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-2.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b42b61d9d2c42fd8c9d3de46fa5ee8808dad23e5e93db9528f9a081f85e562bb

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69232
content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
content-type: text/html
date: Tue, 24 May 2022 02:34:12 GMT
etag: W/"6d60ae95b0ba31ec3dd6bf2fe754852b"
last-modified: Mon, 28 Feb 2022 18:48:19 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-amz-cf-id: UtBs71ALNYNap1VB5lQ0lxHqGc_7qKw7ZxlzgwxacMhn0R9M6fzwmQ==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: lB6jY_YNuQh.AJdhnt_enpP.tmDvG8MR
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 24 May 2022 21:48:03 GMT
last-modified: Tue, 24 May 2022 21:48:03 GMT
location: https://mymarketaccount.net/
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id: gQ3A2E9Zaem68WG2NbdfzMzmHLK6C4sVytTdoKve4LMMC6EvNabcPg==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront

GET
H2 200 / Show response
js.stripe.com/v3/ 311 KB
73 KB 155ms
21ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: mymarketaccount.net
URL: https://mymarketaccount.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e3e1d3aa0fa2aa9b34715fcf6bbd32de8910efbbeb687275c8a6018d8e954289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 25
x-cache: HIT
content-length: 74707
etag: "f2d58b8647b8806ecc4ca1ed0155a42a"
x-request-id: e305aebe-1880-4ca5-81f0-92a0fc5be59d
x-served-by: cache-hhn4029-HHN
access-control-allow-origin: *
last-modified: Tue, 24 May 2022 18:08:44 GMT
server: Fastly
date: Tue, 24 May 2022 21:48:04 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 91ms
46ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: mymarketaccount.net
URL: https://mymarketaccount.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 71093bbcfc995c32-FRA
date: Tue, 24 May 2022 21:48:04 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3268
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 27 May 2022 21:48:04 GMT

GET
H2 200 runtime~app.2e9f1821.js Show response
mymarketaccount.net/static/js/ 2 KB
1 KB 25ms
25ms Script
application/javascript 18.66.248.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mymarketaccount.net/static/js/runtime~app.2e9f1821.js

Requested by

Host: mymarketaccount.net
URL: https://mymarketaccount.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-2.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cf5179307dc84ec5a14ccca0239492462451e615bcf862c4d6a16bde628f5553

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mymarketaccount.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: 6toJ7FjW09jqTijCzCSZnicDQPS_NmDn
content-encoding: gzip
x-content-type-options: nosniff
age: 3555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 24 May 2022 21:48:02 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Feb 2022 18:48:24 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"10e90ab684dc31670ad8db85ead20410"
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: blMyLxSgfKw_Wwe1r3sU0VZBsSGpbEbM_catrBrDGE2S_Z9jiTAMXw==

GET
H2 200 2.62c9210f.chunk.js Show response
mymarketaccount.net/static/js/ 5 MB
1 MB 26ms
25ms Script
application/javascript 18.66.248.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mymarketaccount.net/static/js/2.62c9210f.chunk.js

Requested by

Host: mymarketaccount.net
URL: https://mymarketaccount.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-2.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

58fce7e84ad75e665de56a590a51d048599da320bf6ebe3042253042b0767793

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mymarketaccount.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: bQL1A_7uhYgobAHUPcL3FLUQXnPuC0gp
content-encoding: gzip
x-content-type-options: nosniff
age: 3555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 24 May 2022 21:48:02 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Feb 2022 18:48:22 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"a9f7e4d7a9033b71103f5bd120574f7d-2"
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: q7R8muKmiGE5CxH7POe_zlnM_7IbrZvbXoIuA_Xpxhsjr1QYXC4Duw==

GET
H2 200 app.dc0b20a8.chunk.js Show response
mymarketaccount.net/static/js/ 2 MB
468 KB 31ms
31ms Script
application/javascript 18.66.248.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mymarketaccount.net/static/js/app.dc0b20a8.chunk.js

Requested by

Host: mymarketaccount.net
URL: https://mymarketaccount.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-2.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5f2c629b409f87c2c168ba3f4372f82db63f9592e8417a197d8fd128ab33c3e9

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mymarketaccount.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: x897allRsR3k2Q3gHtIV5eglKpzoNrWP
content-encoding: gzip
x-content-type-options: nosniff
age: 3555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 24 May 2022 21:48:02 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 28 Feb 2022 18:48:23 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"43ff7b2bb946d8672391b8e5c4c5c244"
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/javascript
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 9gDO9NgebMSoEKO6N4TrSlX0LkHoBLgQ9lHIqGnCwgjh4fk7lzqx0A==

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 36ms
35ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cf-ray: 71093bbdfebd5c32-FRA
date: Tue, 24 May 2022 21:48:04 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3251
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 27 May 2022 21:48:04 GMT

OPTIONS
H2 204 register
tally.prod.readytouchpos.com/tallyapi/auth/ Frame 0
0 543ms
182ms Preflight 100.21.100.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.prod.readytouchpos.com/tallyapi/auth/register
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-13.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mymarketaccount.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://mymarketaccount.net
date: Tue, 24 May 2022 21:48:05 GMT
server-timing: intid;desc=361b02809ab84488
x-powered-by: Express
x-request-id: c1c9ac3b-4876-48a5-b3b3-4a0e1bd64be3

GET
H2 200 web Show response
onesignal.com/api/v1/sync/2f91b1cd-736e-4bfa-a5ad-3e7e2bc23d8c/ 5 KB
2 KB 31ms
30ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/2f91b1cd-736e-4bfa-a5ad-3e7e2bc23d8c/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff86ee8d46d048b6fa9ee5b25bf0426ae613d646cece495dc2e2a18c05443abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 21:48:04 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 165
cf-polished: origSize=4690
status: 200 OK
x-envoy-upstream-service-time: 24
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0bdf37cc-87ab-4f6a-ae25-e11ac4fe5bf8
x-runtime: 0.023473
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"57b8a482df47d4f73bd4958145d14d29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 71093bc1cea45c32-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 24 May 2022 22:48:04 GMT

POST
H2 200 register Show response
tally.prod.readytouchpos.com/tallyapi/auth/ 91 B
471 B 219ms
219ms Fetch
application/json 100.21.100.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.prod.readytouchpos.com/tallyapi/auth/register
Requested by: Host: mymarketaccount.net
URL: https://mymarketaccount.net/static/js/app.dc0b20a8.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-13.us-west-2.compute.amazonaws.com
Software: Jetty(9.3.5.v20151012) / Express
Resource Hash: 4443efa99330a22636b46557087e142ff9d08235a69c49fcaf0cee4524ebb332

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 May 2022 21:48:05 GMT
server: Jetty(9.3.5.v20151012)
x-powered-by: Express
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
content-type: application/json
access-control-allow-origin: https://mymarketaccount.net
access-control-allow-credentials: true
server-timing: intid;desc=48d2bfa29135ca8a
access-control-allow-headers: Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
content-length: 91
x-request-id: 0ec9ded8-3b53-4ad3-bd61-cf59225d4c63

GET
H/1.1 200
OK 365pay-logo.png
img.365retailmarkets.com/ 51 KB
51 KB 314ms
104ms Image
image/png 52.73.254.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.365retailmarkets.com/365pay-logo.png
Requested by: Host: mymarketaccount.net
URL: https://mymarketaccount.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 52.73.254.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-254-191.compute-1.amazonaws.com
Software: Apache/2.4.52 (Debian) /
Resource Hash: 8817fd20a6a273f6ffad3522cc2e9480f46b5ad0aeecb1f065d0439b8f6c94ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 24 May 2022 21:48:05 GMT
Last-Modified: Wed, 04 Jan 2017 04:58:47 GMT
Server: Apache/2.4.52 (Debian)
ETag: "cc46-5453da3cd0fc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 52294

GET
H2 200 m-outer-649431882ac2f1ed1f457f73c22ec4a1.html Show response
js.stripe.com/v3/ Frame BEE5 240 B
550 B 20ms
20ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-649431882ac2f1ed1f457f73c22ec4a1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

305b771259a162818153be892d01690871e1f34ff0b6cf698b8d0784eabcde8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 701045
cache-control: max-age=31536000
content-encoding: br
content-length: 140
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 May 2022 21:48:04 GMT
etag: "649431882ac2f1ed1f457f73c22ec4a1"
last-modified: Mon, 16 May 2022 19:02:17 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 201649
x-content-type-options: nosniff
x-request-id: d6af0744-3c54-4e2b-a766-05fcf1243ea3
x-served-by: cache-hhn4029-HHN

POST
H2 200 csp-report
q.stripe.com/ Frame BEE5 0
571 B 555ms
185ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: mymarketaccount.net
URL: https://mymarketaccount.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 24 May 2022 21:48:05 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1a38b79520d1f12946bcd3ee7bd6d1b4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BEE5 1 KB
773 B 20ms
20ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1a38b79520d1f12946bcd3ee7bd6d1b4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-649431882ac2f1ed1f457f73c22ec4a1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-649431882ac2f1ed1f457f73c22ec4a1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 49
x-cache: HIT
content-length: 645
etag: "799080ebea6eade0766c4725741ce6bf"
x-request-id: 86f0d2ae-88de-46da-97bd-1cebd5a5cca4
x-served-by: cache-hhn4029-HHN
access-control-allow-origin: *
last-modified: Mon, 16 May 2022 19:02:05 GMT
server: Fastly
date: Tue, 24 May 2022 21:48:04 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FF8E 930 B
1 KB 26ms
25ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1a38b79520d1f12946bcd3ee7bd6d1b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 228
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 24 May 2022 21:48:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 180
x-content-type-options: nosniff
x-request-id: c1ef8f86-d323-4c42-bd4f-9606b84c1506
x-served-by: cache-hhn4029-HHN
x-timer: S1653428885.912000,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame FF8E 0
344 B 500ms
186ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: mymarketaccount.net
URL: https://mymarketaccount.net/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 24 May 2022 21:48:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FF8E 86 KB
16 KB 22ms
22ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 172
x-cache: HIT
content-length: 16031
x-request-id: 5c664f3a-b493-45d4-b97b-cf4ed49792ab
x-served-by: cache-hhn4029-HHN
server: Fastly
x-timer: S1653428885.939512,VS0,VE0
date: Tue, 24 May 2022 21:48:04 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 146

POST
H2 200 6 Show response
m.stripe.com/ Frame FF8E 156 B
524 B 576ms
194ms XHR
application/json 34.216.95.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.95.44 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-95-44.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3e813e23de4af7cd965a8929cfcdb97b9fe4ca7014908993111be883df10aa22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 24 May 2022 21:48:05 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 login Show response
tally.prod.readytouchpos.com/tallyapi/auth/ 279 B
682 B 193ms
192ms Fetch
application/json 100.21.100.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.prod.readytouchpos.com/tallyapi/auth/login
Requested by: Host: mymarketaccount.net
URL: https://mymarketaccount.net/static/js/app.dc0b20a8.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-13.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash: 74bff2b1d8e13c038b78f02c3341f6b1fb63deba399a063d2da3972824da8088

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 May 2022 21:48:05 GMT
x-powered-by: Express
etag: W/"117-0+v3qXauN+FJrMOtz5wB1fE80fg"
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mymarketaccount.net
access-control-allow-credentials: true
server-timing: intid;desc=dec3e90c267ef670
access-control-allow-headers: Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
content-length: 279
x-request-id: a197fcc1-ed85-425f-9037-85f207bf11fc

OPTIONS
H2 204 login
tally.prod.readytouchpos.com/tallyapi/auth/ Frame 0
0 182ms
182ms Preflight 100.21.100.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.prod.readytouchpos.com/tallyapi/auth/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-13.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://mymarketaccount.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://mymarketaccount.net
date: Tue, 24 May 2022 21:48:05 GMT
server-timing: intid;desc=8f180a4cb8a7bc29
x-powered-by: Express
x-request-id: ce5404af-c82a-4cbc-beeb-68790d62aab9

GET
H2 200 privacyversion Show response
tally.prod.readytouchpos.com/gmaapi/gma/ 64 B
446 B 187ms
187ms Fetch
application/json 100.21.100.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.prod.readytouchpos.com/gmaapi/gma/privacyversion?id=
Requested by: Host: mymarketaccount.net
URL: https://mymarketaccount.net/static/js/app.dc0b20a8.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-13.us-west-2.compute.amazonaws.com
Software: Jetty(9.2.30.v20200428) / Express
Resource Hash: f67ddaafea12de1f989121f23bbd4900361f4963dabb8bd1dde0699b76b861dc

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Referer
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcGlrZXkiOiI3NGQ4OWZhMWU3NzM5MDQxODJiNDNiMTZjNmJlOTQ4ZSIsInJvbGVzIjpbIjM2NXBheSJdLCJpYXQiOjE2NTM0Mjg4ODUsImV4cCI6MTY1MzQzNjA4NSwic3ViIjoiNzRkODlmYTFlNzczOTA0MTgyYjQzYjE2YzZiZTk0OGUifQ.bGJJnVOib1u7e-oH2eQfWuJvLPjFhPZBhK5hq_xkERQ
Content-Type: application/json

Response headers

date: Tue, 24 May 2022 21:48:06 GMT
server: Jetty(9.2.30.v20200428)
x-powered-by: Express
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
content-type: application/json
access-control-allow-origin: https://mymarketaccount.net
access-control-allow-credentials: true
server-timing: intid;desc=098e6953b4276f30
access-control-allow-headers: Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
content-length: 64
x-request-id: a11c8306-594d-4002-8054-3600be3d39e2

OPTIONS
H2 204 privacyversion
tally.prod.readytouchpos.com/gmaapi/gma/ Frame 0
0 183ms
183ms Preflight 100.21.100.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.prod.readytouchpos.com/gmaapi/gma/privacyversion?id=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.21.100.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-21-100-13.us-west-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://mymarketaccount.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin, X-Requested-With, X-AUTHENTICATION, X-IP, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://mymarketaccount.net
date: Tue, 24 May 2022 21:48:06 GMT
server-timing: intid;desc=21eb23b2acec31d0
x-powered-by: Express
x-request-id: cde6547a-52f5-4395-bc32-50eb0dba58b7

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app.link/	1970-01-20 12:02:44	Name: _s Value: P3Mzsx4jrF4kVxtFBlBHsjwhLG6Luc30YC02je1hrfsk0fMf%2B33hsehhtaw52lK3
mymarketaccount.net/	1970-01-20 12:02:44	Name: ai_user Value: i8I6e70WCEau9gb7bVJUM9\|2022-05-24T21:48:04.520Z
mymarketaccount.net/	1970-01-20 03:17:10	Name: ai_session Value: yA1mm0a7UsmK3uYZX2HMaC\|1653428884756\|1653428884756
m.stripe.com/	1970-01-20 20:48:20	Name: m Value: acf4d54d-2e6b-4db9-8c7f-13d7b89e39d7dfd57b
.mymarketaccount.net/	1970-01-20 12:02:44	Name: __stripe_mid Value: 840ad159-2657-4d80-8003-0a45281875c184fc03
.mymarketaccount.net/	1970-01-20 03:17:10	Name: __stripe_sid Value: 9d8914e6-2009-475b-9de7-57451598b8595eddd8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

365pay.app.link
cdn.onesignal.com
img.365retailmarkets.com
js.stripe.com
m.stripe.com
m.stripe.network
mymarketaccount.net
onesignal.com
q.stripe.com
tally.prod.readytouchpos.com
100.21.100.13
151.101.64.176
18.66.248.2
2600:9000:2057:b400:19:9934:6a80:93a1
2606:4700::6812:e134
34.216.95.44
52.73.254.191
54.186.23.98
305b771259a162818153be892d01690871e1f34ff0b6cf698b8d0784eabcde8f
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
3e813e23de4af7cd965a8929cfcdb97b9fe4ca7014908993111be883df10aa22
4443efa99330a22636b46557087e142ff9d08235a69c49fcaf0cee4524ebb332
58fce7e84ad75e665de56a590a51d048599da320bf6ebe3042253042b0767793
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5f2c629b409f87c2c168ba3f4372f82db63f9592e8417a197d8fd128ab33c3e9
74bff2b1d8e13c038b78f02c3341f6b1fb63deba399a063d2da3972824da8088
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
8817fd20a6a273f6ffad3522cc2e9480f46b5ad0aeecb1f065d0439b8f6c94ea
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b42b61d9d2c42fd8c9d3de46fa5ee8808dad23e5e93db9528f9a081f85e562bb
cf5179307dc84ec5a14ccca0239492462451e615bcf862c4d6a16bde628f5553
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e1d3aa0fa2aa9b34715fcf6bbd32de8910efbbeb687275c8a6018d8e954289
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f67ddaafea12de1f989121f23bbd4900361f4963dabb8bd1dde0699b76b861dc
ff86ee8d46d048b6fa9ee5b25bf0426ae613d646cece495dc2e2a18c05443abc

mymarketaccount.net Open in urlscan Pro 18.66.248.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

25 %IPv6

7 Domains

10 Subdomains

7 IPs

1 Countries

2201 kBTransfer

7985 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

mymarketaccount.net Open in urlscan Pro
18.66.248.2 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

10
Subdomains

7
IPs

1
Countries

2201 kB
Transfer

7985 kB
Size

6
Cookies

22 HTTP transactions
0 data transactions