sq.dclinuxtest.com Open in urlscan Pro
85.239.242.8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sq.dclinuxtest.com/
Submission: On February 24 via api (February 24th 2024, 5:58:48 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 85.239.242.8, located in St Louis, United States and belongs to NL-811-40021, US. The main domain is sq.dclinuxtest.com.
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.

This is the only time sq.dclinuxtest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	85.239.242.8 85.239.242.8	40021 (NL-811-40021) (NL-811-40021)
5	2600:9000:23c... 2600:9000:23ca:6000:1:f8a6:840:93a1	16509 (AMAZON-02) (AMAZON-02)
7	172.66.0.28 172.66.0.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.49 151.101.193.49	54113 (FASTLY) (FASTLY)
16	5

2 85.239.242.8 (St Louis, United States)

ASN40021 (NL-811-40021, US)
PTR: vmi1376918.contaboserver.net

sq.dclinuxtest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:23ca:6000:1:f8a6:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

sandbox.web.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.66.0.28 (United States)

ASN13335 (CLOUDFLARENET, US)

connect.squareupsandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pci-connect.squareupsandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.49 (United States)

ASN54113 (FASTLY, US)

square-fonts-production-f.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	squareupsandbox.com connect.squareupsandbox.com pci-connect.squareupsandbox.com	14 KB
7	squarecdn.com sandbox.web.squarecdn.com — Cisco Umbrella Rank: 475539 square-fonts-production-f.squarecdn.com — Cisco Umbrella Rank: 43233	260 KB
2	dclinuxtest.com sq.dclinuxtest.com	14 KB
16	3

	Domain	Requested by
5	sandbox.web.squarecdn.com	sq.dclinuxtest.com sandbox.web.squarecdn.com
4	pci-connect.squareupsandbox.com	sandbox.web.squarecdn.com
3	connect.squareupsandbox.com	sq.dclinuxtest.com sandbox.web.squarecdn.com connect.squareupsandbox.com
2	square-fonts-production-f.squarecdn.com	sandbox.web.squarecdn.com
2	sq.dclinuxtest.com	sq.dclinuxtest.com
16	5

This site contains no links.

Subject Issuer	Validity	Valid
sq.dclinuxtest.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
sandbox.web.squarecdn.com Amazon RSA 2048 M01	`2023-04-02` - `2024-04-30`	a year	crt.sh
squareupsandbox.com Cloudflare Inc ECC CA-3	`2023-03-30` - `2024-03-28`	a year	crt.sh
api.squareup.com Entrust Certification Authority - L1K	`2023-03-24` - `2024-03-23`	a year	crt.sh
*.squarecdn.com R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://sq.dclinuxtest.com/
Frame ID: 2F9BCA2608DF4EA6555B3D483594F950
Requests: 9 HTTP requests in this frame

Frame: https://sandbox.web.squarecdn.com/1.54.8/main-iframe.html?applicationId=sandbox-sq0idb-nX9B-BStAeG3S9quYmRRLw&hostname=sq.dclinuxtest.com
Frame ID: BE281ED9E556348EAD7C908E067829F3
Requests: 3 HTTP requests in this frame

Frame: https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fsq.dclinuxtest.com%2F
Frame ID: 63028B1912BC84AC97DF07AC80C4841D
Requests: 2 HTTP requests in this frame

Frame: https://sandbox.web.squarecdn.com/1.54.8/single-card-element-iframe.html
Frame ID: F0DCA256E5F1232941CD7822344CE115
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Square Web Payments Quickstart

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

289 kB
Transfer

801 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sq.dclinuxtest.com/ 4 KB
5 KB 545ms
263ms Document
text/html 85.239.242.8
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://sq.dclinuxtest.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 85.239.242.8 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1376918.contaboserver.net
Software: Apache /
Resource Hash: b0acd1684a83495765a718fe9f0751fb7be85464ed12302eafbe019d213d952d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Feb 2024 17:58:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 square.js Show response
sandbox.web.squarecdn.com/v1/ 355 KB
100 KB 144ms
31ms Script
application/javascript 2600:9000:23ca:6000:1:f8a6:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandbox.web.squarecdn.com/v1/square.js
Requested by: Host: sq.dclinuxtest.com
URL: https://sq.dclinuxtest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:6000:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13e5be8529d666e248cdbb739f49560ce4ba48614cdf27f6d1e82f2b2f01591e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sq.dclinuxtest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: OWUzeid11qfDBqZLu1DJcrhJqvnMYzB9
content-encoding: gzip
via: 1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
date: Fri, 23 Feb 2024 18:29:54 GMT
x-amz-cf-pop: JFK50-P2
age: 84530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
x-amz-meta-websdk-version: 1.54.8
last-modified: Thu, 22 Feb 2024 18:29:48 GMT
server: AmazonS3
etag: W/"54f9ec723528e88a5a6ec43eab1825c0"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-md5checksum: VPnscjUo6IpabsQ+qxglwA==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: j8kM94eAVe2HEWH6ebvgfuvFMLjli8UGoJBTPindTa9eQQ4125qh9A==

GET
H/1.1 200
OK card-payment.css
sq.dclinuxtest.com/square-assets/ 9 KB
9 KB 44ms
42ms Stylesheet
text/css 85.239.242.8
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL: https://sq.dclinuxtest.com/square-assets/card-payment.css
Requested by: Host: sq.dclinuxtest.com
URL: https://sq.dclinuxtest.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 85.239.242.8 St Louis, United States, ASN40021 (NL-811-40021, US),
Reverse DNS: vmi1376918.contaboserver.net
Software: Apache /
Resource Hash: 83f5a1b689b57d45aec792d55a024e16b0a4506336d025bf426c449de3368235

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sq.dclinuxtest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Sat, 24 Feb 2024 17:58:43 GMT
Last-Modified: Thu, 22 Feb 2024 10:31:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9147

GET
H2 404 payments
connect.squareupsandbox.com/v1/ 0
0 294ms
143ms Script
text/plain 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.squareupsandbox.com/v1/payments
Requested by: Host: sq.dclinuxtest.com
URL: https://sq.dclinuxtest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sq.dclinuxtest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H2 200 main-iframe.html Show response
sandbox.web.squarecdn.com/1.54.8/ Frame BE28 321 KB
91 KB 33ms
29ms Document
text/html 2600:9000:23ca:6000:1:f8a6:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandbox.web.squarecdn.com/1.54.8/main-iframe.html?applicationId=sandbox-sq0idb-nX9B-BStAeG3S9quYmRRLw&hostname=sq.dclinuxtest.com
Requested by: Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:6000:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5cdbd3c2fd57c6a218c46fd687430b5ce368e7ca196040486472682dc0f8f7d

Request headers

Referer: https://sq.dclinuxtest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 66387
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Fri, 23 Feb 2024 23:32:17 GMT
etag: W/"24aecbe4227808bc6b4e222a76e1e882"
last-modified: Tue, 20 Feb 2024 23:13:02 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
x-amz-cf-id: IPgoNIZ9eEsI_3GIIDrJplTaPBRzbyEQzG2t3eSih4g11aQ2BmuzcQ==
x-amz-cf-pop: JFK50-P2
x-amz-meta-md5checksum: JK7L5CJ4CLxrTiIqduHogg==
x-amz-meta-websdk-version: 1.54.8
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: HOD2c90grZUNBnHHmD7.T6LJxMtINeMb
x-cache: Hit from cloudfront

GET
H2 200 hydrate Show response
pci-connect.squareupsandbox.com/payments/ Frame BE28 937 B
1 KB 457ms
420ms Fetch
application/json 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareupsandbox.com/payments/hydrate?applicationId=sandbox-sq0idb-nX9B-BStAeG3S9quYmRRLw&hostname=sq.dclinuxtest.com&locationId=L95B1JAM6BCGT&version=1.54.8

Requested by

Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/1.54.8/main-iframe.html?applicationId=sandbox-sq0idb-nX9B-BStAeG3S9quYmRRLw&hostname=sq.dclinuxtest.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

946b2060a1a40b52c0d08f7dc047c13663af5cf7fa1ab7264bfee8b77cf6ce23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json
Referer: https://sandbox.web.squarecdn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json; charset=utf-8

Response headers

date: Sat, 24 Feb 2024 17:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: /payments/hydrate
square-version: 2023-12-13
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-sq-dc: sjc2b
x-speleo-traceid: CDN-dd358c96-7824-4b91-a144-7b00cdcc37a9
x-sq-region: sjc2b
content-length: 560
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://sandbox.web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 85a9992d9dce4bcf-BUF
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

OPTIONS
H2 200 hydrate
pci-connect.squareupsandbox.com/payments/ Frame 0
0 258ms
168ms Preflight 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareupsandbox.com/payments/hydrate?applicationId=sandbox-sq0idb-nX9B-BStAeG3S9quYmRRLw&hostname=sq.dclinuxtest.com&locationId=L95B1JAM6BCGT&version=1.54.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://sandbox.web.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://sandbox.web.squarecdn.com
cf-cache-status: DYNAMIC
cf-ray: 85a9992c4a9b4bc9-BUF
content-length: 0
date: Sat, 24 Feb 2024 17:58:44 GMT
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-decorator-operation: /payments/hydrate
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sq-dc: sjc2b
x-sq-region: sjc2b
x-xss-protection: 1; mode=block

GET
H2 200 square-threeds-modal.css
sandbox.web.squarecdn.com/1.54.8/ 962 B
2 KB 30ms
29ms Stylesheet
text/css 2600:9000:23ca:6000:1:f8a6:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandbox.web.squarecdn.com/1.54.8/square-threeds-modal.css
Requested by: Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:6000:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5112629409347fd52abeb0e5334189f3519ed16063f8a7effdc980c3c278f0a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sq.dclinuxtest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: odqFrMegMmmd7Xpe6m5S5nBDGbAsN1EO
date: Sat, 24 Feb 2024 08:06:28 GMT
via: 1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
age: 35537
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.54.8
content-length: 962
last-modified: Tue, 20 Feb 2024 23:13:02 GMT
server: AmazonS3
etag: "3fca24ab80f6131497a131e8b38633b3"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-amz-meta-md5checksum: P8okq4D2ExSXoTHos4Yzsw==
cache-control: public, max-age=300
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: cnI5htDNbrNE0OapVuGfgD4i951zZ389H78OzCxQr4kzsHBzSehKYA==

GET
H2 200 frame.html Show response
connect.squareupsandbox.com/payments/data/ Frame 6302 33 KB
12 KB 88ms
86ms Document
text/html 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fsq.dclinuxtest.com%2F

Requested by

Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1347a51dd266e16c38378cdf7d13e1d10f0611685758eb680a9db2dc80ad252b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Asandbox&service=payapi-analytics
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sq.dclinuxtest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85a999304a8da1f3-YYZ
content-encoding: gzip
content-security-policy: default-src 'none'; script-src 'unsafe-inline' https://browser.sentry-cdn.com; connect-src 'self' https://sentry.io; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubb119f8492ddb8bdf4934c5212c4b03d2&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=service%3Apayapi-analytics%2Cenv%3Asandbox&service=payapi-analytics
content-type: text/html
date: Sat, 24 Feb 2024 17:58:44 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-decorator-operation: /payments/data/**
x-permitted-cross-domain-policies: none
x-sq-dc: aws
x-sq-region: us-east-1
x-xss-protection: 1; mode=block

GET
H2 200 single-card-element-iframe.html Show response
sandbox.web.squarecdn.com/1.54.8/ Frame F0DC 8 KB
2 KB 29ms
26ms Document
text/html 2600:9000:23ca:6000:1:f8a6:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandbox.web.squarecdn.com/1.54.8/single-card-element-iframe.html
Requested by: Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:6000:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475

Request headers

Referer: https://sq.dclinuxtest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-max-age: 300
age: 22844
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html
date: Sat, 24 Feb 2024 11:38:01 GMT
etag: W/"03e704396b83c27986cdb35eb350b127"
last-modified: Tue, 20 Feb 2024 23:13:02 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
x-amz-cf-id: 84422ktT5htnRyKNkZXw3jkjaWydqbLm_bq18LvuvsO9dB1tCD8JqA==
x-amz-cf-pop: JFK50-P2
x-amz-meta-md5checksum: A+cEOWuDwnmGzbNes1CxJw==
x-amz-meta-websdk-version: 1.54.8
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: gBDG9vqZ8IZHg0BYssxX1aNLvAYOVyw9
x-cache: Hit from cloudfront

GET
H2 200 card-wrapper.css
sandbox.web.squarecdn.com/1.54.8/ 5 KB
2 KB 28ms
26ms Stylesheet
text/css 2600:9000:23ca:6000:1:f8a6:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sandbox.web.squarecdn.com/1.54.8/card-wrapper.css
Requested by: Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/v1/square.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23ca:6000:1:f8a6:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sq.dclinuxtest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: dJ2rty_D.8KOZMoLdTIcVoMJPDhpNINo
content-encoding: gzip
via: 1.1 babb61789095288ef1d09146c15e7f1e.cloudfront.net (CloudFront)
date: Fri, 23 Feb 2024 23:45:45 GMT
x-amz-cf-pop: JFK50-P2
age: 65580
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-websdk-version: 1.54.8
last-modified: Tue, 20 Feb 2024 23:13:02 GMT
server: AmazonS3
etag: W/"fc8dede0a55deae1322d5d80b0e848a9"
access-control-max-age: 300
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
x-amz-meta-md5checksum: /I3t4KVd6uEyLV2AsOhIqQ==
cache-control: public, max-age=300
vary: Accept-Encoding
x-amz-cf-id: 3cmBOTMOasSVdGIh47sH4NVGgWXN4a8e26KzCCPZoZlFMoIeAJFUQQ==

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89929a556909e88126e8544bcc55ae94f6a967d723306b74c63907ca65e8619

Request headers

Referer
Origin: https://sq.dclinuxtest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SquareSansText-Regular.woff2
square-fonts-production-f.squarecdn.com/square-text/ 32 KB
32 KB 91ms
19ms Font
font/woff2 151.101.193.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2
Requested by: Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/1.54.8/card-wrapper.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83

Request headers

Referer: https://sandbox.web.squarecdn.com/
Origin: https://sq.dclinuxtest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: pv_xtU6mem0xei0tuyD_FNLK8t7vngOP
date: Sat, 24 Feb 2024 17:58:44 GMT
via: 1.1 varnish
x-amz-request-id: HE0CH65NBGFMKD55
age: 6861417
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 32724
x-amz-id-2: YneH3tyVK7ZSKYTWIJnlH16tEjM5u+He5NiUd5/gx1I0iu9t7AoghraeFHviPzlfK39NAS1LwM4=
x-served-by: cache-yyz4554-YYZ
last-modified: Tue, 17 Oct 2023 21:24:04 GMT
server: AmazonS3
x-timer: S1708797525.678490,VS0,VE0
etag: "8bd78348f371229eadd661171386f3b8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, stale-while-revalidate
accept-ranges: bytes
x-cache-hits: 123

GET
H2 200 SquareSansText-Regular.woff2
square-fonts-production-f.squarecdn.com/square-text/ Frame F0DC 32 KB
32 KB 75ms
20ms Font
font/woff2 151.101.193.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83

Request headers

Referer: https://sandbox.web.squarecdn.com/
Origin: https://sandbox.web.squarecdn.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: pv_xtU6mem0xei0tuyD_FNLK8t7vngOP
date: Sat, 24 Feb 2024 17:58:44 GMT
via: 1.1 varnish
x-amz-request-id: HE0CH65NBGFMKD55
age: 6861417
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 32724
x-amz-id-2: YneH3tyVK7ZSKYTWIJnlH16tEjM5u+He5NiUd5/gx1I0iu9t7AoghraeFHviPzlfK39NAS1LwM4=
x-served-by: cache-yyz4554-YYZ
last-modified: Tue, 17 Oct 2023 21:24:04 GMT
server: AmazonS3
x-timer: S1708797525.678468,VS0,VE0
etag: "8bd78348f371229eadd661171386f3b8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public, stale-while-revalidate
accept-ranges: bytes
x-cache-hits: 123

POST
H2 204 v2
pci-connect.squareupsandbox.com/payments/mtx/ 0
97 B 332ms
328ms Ping
text/plain 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareupsandbox.com/payments/mtx/v2

Requested by

Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/v1/square.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sq.dclinuxtest.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sat, 24 Feb 2024 17:58:44 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: /payments/mtx/v2
x-permitted-cross-domain-policies: none
x-sq-dc: sjc2b
x-sq-region: sjc2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sq.dclinuxtest.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 85a999311f4d4bcf-BUF
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

POST
H2 200 token Show response
connect.squareupsandbox.com/v2/analytics/ Frame 6302 112 B
544 B 312ms
311ms XHR
application/json 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.squareupsandbox.com/v2/analytics/token

Requested by

Host: connect.squareupsandbox.com
URL: https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fsq.dclinuxtest.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f7ef37963e7c7d454a9234acca3315df43031c4da04fa7aebd2136089d856e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.squareupsandbox.com/payments/data/frame.html?referer=https%3A%2F%2Fsq.dclinuxtest.com%2F
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Feb 2024 17:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: /v2/analytics/token
square-version: 2023-12-13
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
x-sq-dc: aws
x-speleo-traceid: CDN-49d4b5c1-81b5-4f73-9477-406c6cbd23b5
x-sq-region: us-east-1
content-length: 126
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://connect.squareupsandbox.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 85a99931dce7a1f3-YYZ
access-control-allow-headers: Origin, Content-Type, Authorization, X-Requested-With, _connect_js_csrf, X-JS-ID, X-CSRF-Token, Square-Version, X-Allow-Cookies, X-Block-Cookies

POST
H2 204 v2
pci-connect.squareupsandbox.com/payments/mtx/ Frame BE28 0
68 B 313ms
312ms Ping
text/plain 172.66.0.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pci-connect.squareupsandbox.com/payments/mtx/v2

Requested by

Host: sandbox.web.squarecdn.com
URL: https://sandbox.web.squarecdn.com/1.54.8/main-iframe.html?applicationId=sandbox-sq0idb-nX9B-BStAeG3S9quYmRRLw&hostname=sq.dclinuxtest.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.28 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sandbox.web.squarecdn.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sat, 24 Feb 2024 17:58:45 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: /payments/mtx/v2
x-permitted-cross-domain-policies: none
x-sq-dc: sjc2b
x-sq-region: sjc2b
x-xss-protection: 1; mode=block
server: cloudflare
x-download-options: noopen
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://sandbox.web.squarecdn.com
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 85a99931ffa64bcf-BUF
access-control-allow-headers: Origin, Content-Type, X-Allow-Cookies, X-Block-Cookies

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sq.dclinuxtest.com/	1970-01-20 18:40:04	Name: XSRF-TOKEN Value: eyJpdiI6Ii9rZGdDVVFyc3Q3Zy9ERnNOcWx1enc9PSIsInZhbHVlIjoiUnZrM016SGtwQmFjSWRhejFnQmxCSW9nMFhWS21Vck9ndEhWazBGMnZSOVl1d2gxQzRoNGppN0Q0elV1VmNjTC9TaDRSREpCSEtWWG9VTklqK3BINC9KTWp0YlFmWm13aHVXOXVhcGNCaFJvNC9SaVdya25iKzNadUxlbTBWSHYiLCJtYWMiOiIwMDRlOWU5M2MzZTc3MDMzYWVmMjI4MGM1OGY3MWI2YmExZmQxM2M1NDRlMDQxYTczYzgwMGYzZmJjMTdmZmFmIiwidGFnIjoiIn0%3D
sq.dclinuxtest.com/	1970-01-20 18:40:04	Name: laravel_session Value: eyJpdiI6IjFHajdHYzZsMVJHVkNsSGdYWVJYVUE9PSIsInZhbHVlIjoiait5K2o3NjVLcFZuZGVuV1VXUmhNc3h1em1vWGpPR28wSThPWDAzbG9BZGw1RXRXdmIyRy9HUUdpd2JqVDhVRS9YcXp3TFFycUUvWVJ4T2cxL0ttcGFvcko2Wms1bWZaZEQ5YUFreWtYQ1BDV2N5YVBPdzVBNUlqZmRKcm5GOEQiLCJtYWMiOiJkZmJhZDgyMmJkNTgyZmRlNDhiODI1YWY2MjAzMDAxOWZiMDhiYTQ2NmVhNjIyMWU2YzQyMDkzODJjM2M3Nzc3IiwidGFnIjoiIn0%3D
.squareupsandbox.com/	1970-01-20 18:39:59	Name: __cf_bm Value: EG9n3Pp7OT2eabX.PEh8LbKLSVTobz6DDsV0xpHa8Ag-1708797523-1.0-Ad4QtdQERqS8ldrwUnhkLWAbIbQ1xPyhzuvCp+Kq3jdrshWVdhMhvQGo7xGo6rZS6BivaKPMQWd1JalX9VZHKf8=
.squareupsandbox.com/	1970-01-21 04:15:57	Name: _savt Value: 7ce95720-62fd-4712-a298-949c1d36295b

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://connect.squareupsandbox.com/v1/payments Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sq.dclinuxtest.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.squareupsandbox.com
pci-connect.squareupsandbox.com
sandbox.web.squarecdn.com
sq.dclinuxtest.com
square-fonts-production-f.squarecdn.com
151.101.193.49
172.66.0.28
2600:9000:23ca:6000:1:f8a6:840:93a1
85.239.242.8
0675db7c540643bc6b01b6dca8ba4ce76a792710be650dde4ded05d375f194e8
0f7ef37963e7c7d454a9234acca3315df43031c4da04fa7aebd2136089d856e2
1347a51dd266e16c38378cdf7d13e1d10f0611685758eb680a9db2dc80ad252b
13e5be8529d666e248cdbb739f49560ce4ba48614cdf27f6d1e82f2b2f01591e
83f5a1b689b57d45aec792d55a024e16b0a4506336d025bf426c449de3368235
946b2060a1a40b52c0d08f7dc047c13663af5cf7fa1ab7264bfee8b77cf6ce23
a5112629409347fd52abeb0e5334189f3519ed16063f8a7effdc980c3c278f0a
b0acd1684a83495765a718fe9f0751fb7be85464ed12302eafbe019d213d952d
ce0d0b6cec57d33ad715219c18d983654cedc833e895ed8cccc792d08da5ab83
d5cdbd3c2fd57c6a218c46fd687430b5ce368e7ca196040486472682dc0f8f7d
d77d0d728b89e28863f08f544e1b74af4742cb911dcb44a1bca989c5c9fcc475
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f89929a556909e88126e8544bcc55ae94f6a967d723306b74c63907ca65e8619

sq.dclinuxtest.com Open in urlscan Pro 85.239.242.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

5 IPs

1 Countries

289 kBTransfer

801 kBSize

4 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

4 Cookies

12 Console Messages

Indicators

sq.dclinuxtest.com Open in urlscan Pro
85.239.242.8 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

5
IPs

1
Countries

289 kB
Transfer

801 kB
Size

4
Cookies

16 HTTP transactions
1 data transactions